Operating System - Tru64 Unix
1748123 Members
3316 Online
108758 Solutions
New Discussion юеВ

How to grant the privilege to other users?

 
SOLVED
Go to solution
hy_3
Frequent Advisor

How to grant the privilege to other users?

I want a normal user to have the privilege to kill the other users processes.How should I do?
Thnak you.OS are V4.0F and V5.1A.
8 REPLIES 8
Ravi_8
Honored Contributor

Re: How to grant the privilege to other users?

Hi.

It's not a good process to give access to users to kill others processes.

anyway if you wish you can do so by using SUDO
never give up
hy_3
Frequent Advisor

Re: How to grant the privilege to other users?

Could you describe the 'SUDO' in detail?Thank you.By the way,what about the 'dop'?
Ralf Puchner
Honored Contributor

Re: How to grant the privilege to other users?

dop is the right choice on tru64 platforms. Have a look into the man page.

Another approach is to set the S-Bit on the ps command.
Help() { FirstReadManual(urgently); Go_to_it;; }
hy_3
Frequent Advisor

Re: How to grant the privilege to other users?

I do following the man page,but it does not work.Could you tell me how I should do?And the 'dop' is only available on V5,then on V4
what should I do?
Ravi_8
Honored Contributor

Re: How to grant the privilege to other users?

Hi

dop is available in all versions
under /usr/sbin

#dop -n action
never give up
hy_3
Frequent Advisor

Re: How to grant the privilege to other users?

Could you please give me an example of 'dop'?Because I do as the man page telling me,but it does not work at all.Thank you.
hy_3
Frequent Advisor

Re: How to grant the privilege to other users?

Who can provide me some documents about 'dop'?The man page's description is not particular.Thank you.
PeterWolfe
Respected Contributor
Solution

Re: How to grant the privilege to other users?

Dop was available starting in V4.0 but
it was not formally supported on V4.x
systems. It was used internally when
launching CDE applications
(e.g. dxaccounts, dxfileshare,
etc. etc.) from the CDE Application
Manager.

Starting with V5.0, dop was documented
and exposed for customer use.

If you aren't worried about formal
support, on a V4.x system look at
/etc/doprc. Basically there are stanzas
that look like:

dop_action_name {
{path { }}
}

For example:

bindconfig {
{path { /usr/sbin/bindconfig }}
}

At the top of the file is a stanza:

global_admin {
{users { root }}
{groups { }}
}

If you add usernames to the users list
then that user can run any application
listed in /etc/doprc (i.e. he's the same
as root). That's typically not what you
want - you want to allow a specific user
to run a specific app or set of apps.
For this you can add the users and
groups stanzas to the application
stanzas. For example:

bindconfig {
{path { /usr/sbin/bindconfig }}
{users { pete }}
{groups { admins }}
}



From the command line you would do:
dop bindconfig

If I'm user Peter I'd be allowed to run
the application as root. If I'm in the
admins group, I'd be able to as well.

For V5.x there are command line and GUI
interfaces to DOP and you no longer hand
edit the /etc/doprc file. The features
change slightly as well. There is the
notion of privileges in later versions
of DOP.

pete