Showing results for 
Search instead for 
Did you mean: 

suid script help

Go to solution
Belinda Dermody
Super Advisor

Re: suid script help

Daniel, what I see I like, but I went to the GNU site and I couldn't find any reference for gdate and also the HP software site with no luck. Could you point me to where you got it from...
Honored Contributor

Re: suid script help

I saw the comment that you don't want to use sudo because the users would need to enter their password a second time, but didn't notice anyone addressing your point. What you stated is not necessarily true. There is an option when configuring a command or group that will allow the authorized users to execute the command with entering their password. Check out the sudo man page for the details. I don't remember the syntax off the top of my head, but I know this is possible.
Jeff Traigle
A. Daniel King_1
Super Advisor

Re: suid script help

Ah, sorry about the naming. "gdate" is GNU "date" part of the shell-utils (now part of coreutils). The prepending of the "g" is a fairly common practice, but it is not the default name. I've not used this particular package, preferring to compile my own. There seem to be some dependencies, which I donâ t recall needing for the run-time for gdate, though.

Theyâ ve also got sudo, which is fairly easy to use as well,

The syntax for the sudo config item without passwords is as follows (presuming your account is jmarrion):

jmarrion ALL = NOPASSWD: /usr/lbin/getprpw

or for a system group called â itrcâ :

%itrc ALL = NOPASSWD: /usr/lbin/getprpw

"visudo" is the configuration command for sudo.

WARNING: This does not limit the use of getprpw to the calling user, so users would be able to read information other than their own. Perhaps something would be better like:

jmarrion ALL = NOPASSWD: /usr/local/bin/getexptm

where getexptm is:


/usr/lbin/getprpw $LOGNAME
Command-Line Junkie