HPE Community
Operating System - HP-UX
1753802 Members
7834 Online
108805 Solutions
New Discussion юеВ

how to authorized non-root user to executed some programs??

 
Bernard Chan
Occasional Advisor

тАО12-29-2002 11:50 PM

тАО12-29-2002 11:50 PM

how to authorized non-root user to executed some programs??

Hi,
Currently i'm running on HP-UX11.0, i would like to know how can i authorize other user to run certain scripts files or program?? Now the other user account are not authorized to do a single things..so how am i goin to solve the problem??
0 Kudos
Reply
8 REPLIES 8
Rajeev Shukla
Honored Contributor

тАО12-30-2002 12:50 AM

тАО12-30-2002 12:50 AM

Re: how to authorized non-root user to executed some programs??

Hi,
Sudo is better but if want to customize those scripts for some users only best would be to write a c program with the setuid and run those programs.
I have some programs posted before.

Rajeev
0 Kudos
Reply
Alex Glennie
Honored Contributor

тАО12-30-2002 02:29 AM

тАО12-30-2002 02:29 AM

Re: how to authorized non-root user to executed some programs??

see http://www.courtesan.com/sudo/

for downloads & documentation ...
0 Kudos
Reply
Elif Gius
Valued Contributor

тАО12-30-2002 02:44 AM

тАО12-30-2002 02:44 AM

Re: how to authorized non-root user to executed some programs??

Hi

Try like suggested the sudo programm. We use it too and it wirks fine.
Also you can use the s-Bit for giving some users the rigth to execute dedicated binaries.
0 Kudos
Reply
John Meissner
Esteemed Contributor

тАО12-30-2002 11:51 AM

тАО12-30-2002 11:51 AM

Re: how to authorized non-root user to executed some programs??

my recommendation is a free HP program called ServiceControl Manager. (SCM for short). I currently use this program with our company to allow the tier 1 and tier 2 support teams to issue commands as root (without giving them the root password). They can they run anything from a 'bdf' to using 'sam'.
All paths lead to destiny
0 Kudos
Reply
Tor-Arne Nostdal
Trusted Contributor

тАО12-31-2002 04:51 AM

тАО12-31-2002 04:51 AM

Re: how to authorized non-root user to executed some programs??

You can also create a script where the necessary commands can be performed.

Then add the script to /etc/shells

Make this as the login shell for a particulare user.

Then give privilegies by adding the user to root group and set this as default GID.
----------
NB!
You must ensure that the script cant be trapped and thus let the user break out and into a ordinary shell.

Avoid using commands like more or vi or others that have built in functionality which allow users to start subshells
I'm trying to become President of the state I'm in...
0 Kudos
Reply
Rory R Hammond
Trusted Contributor

тАО01-02-2003 08:08 AM

тАО01-02-2003 08:08 AM

Re: how to authorized non-root user to executed some programs??

Another approach is to make special groups and set group permissions.
There are a 100 ways to do things and 97 of them are right
0 Kudos
Reply
David Bell_1
Honored Contributor

тАО01-02-2003 10:00 AM

тАО01-02-2003 10:00 AM

Re: how to authorized non-root user to executed some programs??

You can also use the restricted sam shell. Create the program/script functions as part of SAM and only allow the users to see what you want them to see. Boot them directly to the restricted SAM shell. See man on sam -R.

HTH,

Dave
0 Kudos
Reply
Chris Wong
Trusted Contributor

тАО01-02-2003 03:37 PM

тАО01-02-2003 03:37 PM

Re: how to authorized non-root user to executed some programs??

Hi,

The advice you've received has been summarized in 2 articles I have:

http://newfdawg.com/SHP-Articles.htm

Distributing root privileges Part 1 and 2. You can use these methods for distributing the privileges of any user to another.

There are also 3rd party purchaseable products, such as PowerBroker from Symark.

- Chris


0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.