- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: PROBLEM: RBAC privrun when execute an runtime ...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-02-2008 04:26 AM
тАО07-02-2008 04:26 AM
Re: PROBLEM: RBAC privrun when execute an runtime program used Oracle/Cobol libraries
I already tested "KEEPENV" possitive :)
It will keep all the environement variables to the end of the execution,
Regards
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-02-2008 05:17 AM
тАО07-02-2008 05:17 AM
Re: PROBLEM: RBAC privrun when execute an runtime program used Oracle/Cobol libraries
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-02-2008 05:24 AM
тАО07-02-2008 05:24 AM
Re: PROBLEM: RBAC privrun when execute an runtime program used Oracle/Cobol libraries
the owner id is 110
it work without privrun, but the purpose of RBAC to run this application with deffernet users
Abdul Majeed
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-02-2008 05:42 AM
тАО07-02-2008 05:42 AM
Re: PROBLEM: RBAC privrun when execute an runtime program used Oracle/Cobol libraries
Then is has to be the environment variables.
Did you try this exact command?
privrun env | grep LIB
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-02-2008 06:25 AM
тАО07-02-2008 06:25 AM
Re: PROBLEM: RBAC privrun when execute an runtime program used Oracle/Cobol libraries
dld.so ignores these variables for setuid programs so that may erase them before RBAC
Instead of "erase", it just ignores them.
You need to follow the directions in the dld patch:
http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=PHSS_37947
Or in HP-UX Linker and Libraries User's Guide, Running setuid Programs:
http://docs.hp.com/en/B2355-90968/creatingandusinglibraries.htm
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-28-2008 08:22 AM
тАО10-28-2008 08:22 AM
Re: PROBLEM: RBAC privrun when execute an runtime program used Oracle/Cobol libraries
I added 2 lines to cmd_priv:
/usr/d2000/d2000.exe/bin/kernel:dflt:(d2000.start,*):0/0//:dflt:dflt:dflt:KEEPENV
/usr/bin/env:dflt:(d2000.start,*):0/0//:dflt:dflt:dflt:KEEPENV
But "privrun env | grep LIB" does not show any output, although both SHLIB_PATH and LD_LIBRARY_PATH are set!
My binary (kernel) fails
$ privrun kernel
/usr/lib/hpux64/dld.so: Unable to find library 'libclntsh.so.10.1'.
Killed
but if I do (as root)
chown root kernel
chmod 4755 kernel
then running kernel (directly, as a suid binary) works ok!
Besides having set environment
$ env | grep LIB
SHLIB_PATH=/opt/u1/oracle/lib
LD_LIBRARY_PATH=/opt/u1/oracle/lib
I have library path also in /etc/dld.sl.conf (without it setuid binary didn't work).
The difference between
"privrun env" and "env" is that 3 variables are missing in the output of "privrun env" : HOME, SHLIB_PATH and LD_LIBRARY_PATH - in spite of the fact that KEEPENV flag was set for env (see my cmd_priv).
Is it a bug or do I miss something?
Regards,
Peter Humaj
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-28-2008 02:22 PM
тАО10-28-2008 02:22 PM
Re: PROBLEM: RBAC privrun when execute an runtime program used Oracle/Cobol libraries
Then privrun is broken or KEEPENV isn't working.
>I have library path also in /etc/dld.sl.conf (without it setuid binary didn't work).
Ok, I don't need to tell you about that.
>3 variables are missing: HOME, SHLIB_PATH and LD_LIBRARY_PATH - in spite of the fact that KEEPENV flag was set for env
>Is it a bug or do I miss something?
It seems like a bug. There is no need to remove HOME except it may be confusing.
- « Previous
-
- 1
- 2
- Next »