HPE Community
Operating System - HP-UX
1832227 Members
2700 Online
110041 Solutions
New Discussion

Setuid execution not allowed

 
SOLVED
Go to solution
Fuad_1
Regular Advisor

‎11-12-2002 09:22 PM

‎11-12-2002 09:22 PM

Setuid execution not allowed

Hi,

I am trying to start a program with the following line as stated in the manual:

/opt/cdunix/ndm/bin/cdpmgr -i /opt/cdunix/ndm/cfg/bat_sap1/initparm.cfg

after that I got the following message:

/opt/cdunix/ndm/bin/cdpmgr: Setuid execution not allowed
Initialization failed.

The file define as:

-r-sr-x--- 1 root sterling 5085576 Jun 16 2001 cdpmgr

can some one help to resolve this problem.
Set goals, and work to achieve them
0 Kudos
Reply
15 REPLIES 15
Michael Tully
Honored Contributor

‎11-12-2002 09:35 PM

‎11-12-2002 09:35 PM

Solution

Re: Setuid execution not allowed

The permissions I use for this background daemon are:

-r-sr-xr-x 1 root staff 5374764 Oct 17 2001 /usr/local/cdunix/ndm/bin/cdpmgr

Make sure that the filesystem your using it from it set so you can start 'suid' programs.
Check the entries in /etc/fstab for the filesystem so that they do not have the option as "nosuid"
Anyone for a Mutiny ?
Reply
T G Manikandan
Honored Contributor

‎11-12-2002 09:47 PM

‎11-12-2002 09:47 PM

Re: Setuid execution not allowed

The filesystem could be mounted with 'nosuid' flag.
check your /etc/fstab file.

Is the file system NFS mounted?
Then the above should be the case

Thanks

Reply
T G Manikandan
Honored Contributor

‎11-12-2002 09:55 PM

‎11-12-2002 09:55 PM

Re: Setuid execution not allowed

YOu have it on /opt.
make sure it does not have the nosuid option in the /etc/fstab.

/dev/vg00/lvolX /opt vxfs
delaylog 0 2

The file system by default without options support suid.


Reply
Fuad_1
Regular Advisor

‎11-13-2002 12:31 AM

‎11-13-2002 12:31 AM

Re: Setuid execution not allowed

Hi All,

Thanks for your replies, I have check the /etc/fstab and found the following entry:

/dev/vg00/lvol6 /opt vxfs delaylog 0 2

The option "nosuid" is not set. So, what could be the problem?!
Set goals, and work to achieve them
0 Kudos
Reply
T G Manikandan
Honored Contributor

‎11-13-2002 01:43 AM

‎11-13-2002 01:43 AM

Re: Setuid execution not allowed

How about other filesystems?

How about /tmp filesystem?

Can you post your /etc/fstab file

Thanks

NOte:

Please do not assign points 8-10 for the responses which have solved your problem.

0 Kudos
Reply
Fuad_1
Regular Advisor

‎11-13-2002 01:49 AM

‎11-13-2002 01:49 AM

Re: Setuid execution not allowed

here is the /etc/fstab

/dev/vg00/lvol3 / vxfs delaylog 0 1
/dev/vg00/lvol1 /stand hfs defaults 0 1
/dev/vg00/lvol4 /tmp vxfs delaylog 0 2
/dev/vg00/lvol5 /home vxfs delaylog 0 2
/dev/vg00/lvol6 /opt vxfs delaylog 0 2
/dev/vg00/lvol7 /usr vxfs delaylog 0 2
/dev/vg00/lvol8 /var vxfs delaylog 0 2
/dev/vgemc4/lvol3 /oracle/B01 vxfs rw,suid,largefiles,delaylog,datainlog 0 2
/dev/vgemc1/lvol1 /oracle/B01/sapdata1 vxfs rw,suid,largefiles,delaylog,datainlo
g 0 2
/dev/vgemc2/lvol1 /oracle/B01/sapreorg vxfs rw,suid,largefiles,delaylog,datainlo
g 0 2
/dev/vgemc2/lvol2 /oracle/B01/origlogA vxfs rw,suid,largefiles,delaylog,datainlo
g 0 2
/dev/vgemc2/lvol3 /oracle/B01/origlogB vxfs rw,suid,largefiles,delaylog,datainlo
g 0 2
/dev/vgemc2/lvol4 /oracle/stage/stage_806 vxfs rw,suid,largefiles,delaylog,datai
nlog 0 2
/dev/vgemc2/lvol5 /sapmnt/B01 vxfs rw,suid,largefiles,delaylog,datainlog 0 2
/dev/vgemc3/lvol1 /usr/sap/trans vxfs rw,suid,largefiles,delaylog,datainlog 0 2
/dev/vgemc4/lvol1 /oracle/B01/saparch vxfs rw,suid,largefiles,delaylog,datainlog
0 2
/dev/vgemc4/lvol2 /usr/sap/B01 vxfs rw,suid,largefiles,delaylog,datainlog 0 2
Set goals, and work to achieve them
0 Kudos
Reply
Clemens van Everdingen
Honored Contributor

‎11-13-2002 01:50 AM

‎11-13-2002 01:50 AM

Re: Setuid execution not allowed

Hi,

Have you tried to modify the permissions of the file with:

chmod 4775

Normally this should do the trick !

C.
The computer is a great invention, there are as many mistakes as ever, but they are nobody's fault !
0 Kudos
Reply
T G Manikandan
Honored Contributor

‎11-13-2002 01:54 AM

‎11-13-2002 01:54 AM

Re: Setuid execution not allowed

how did you run this
Did you run this as super user?(root)
Can you change the permissions as Micheal suggested on the executable
i.e
-r-sr-xr-x for the executable.

I meant not to assign 8-10 points which has //not// solved your query.

Revert.


0 Kudos
Reply
Fuad_1
Regular Advisor

‎11-13-2002 02:14 AM

‎11-13-2002 02:14 AM

Re: Setuid execution not allowed

I have tried the Micheal and Slemens suggested file permissions on both root and cduser lognames.
Set goals, and work to achieve them
0 Kudos
Reply
Fuad_1
Regular Advisor

‎11-13-2002 02:30 AM

‎11-13-2002 02:30 AM

Re: Setuid execution not allowed

I mean from the last message that all tries were failed.
Set goals, and work to achieve them
0 Kudos
Reply
John Palmer
Honored Contributor

‎11-13-2002 03:10 AM

‎11-13-2002 03:10 AM

Re: Setuid execution not allowed

Are you running a trusted system?

If so, then you may have to grant the relevant group (sterling in your case) SETRUGID privileges (see man 1m setprivgrp and man privgrp).

Try running 'setprivgrp sterling SETRUGID' and try again. If that works you'll have to add an entry to /etc/privgroup.

Sorry I can't test it as I don't have any trusted systems.

Regards,
John
0 Kudos
Reply
Bruce Rhind
New Member

‎11-14-2002 05:13 AM

‎11-14-2002 05:13 AM

Re: Setuid execution not allowed

Verify the permissions of the mount point for this filesystem, with the filesystem unmounted. I've seen strange results when the permissions of the mountpoint are more restrictive than when the filesystem is mounted.
Beer is food.
Reply
Jean-Louis Phelix
Honored Contributor

‎11-14-2002 06:26 AM

‎11-14-2002 06:26 AM

Re: Setuid execution not allowed

Hi,

I would rather ask you the output of a 'mount -p' command, because the filesystem your are using has perhaps been mounted out of fstab , I mean manually. Is it NFS mounted ?

Regards.
It works for me (© Bill McNAMARA ...)
Reply
doug hosking
Esteemed Contributor

‎11-14-2002 09:23 AM

‎11-14-2002 09:23 AM

Re: Setuid execution not allowed

According to the source, this error can happen
if:

1) program is setuid and the uid is out of bounds.
2) program is setgid and the gid is out of bounds.
3) The previously mentioned 'nosuid' case

I assume that root has a uid of 0 on your system (else you'd have lots of other interesting problems!).

The program isn't setgid, so 2) does not seem relevant.

That leaves the nosuid issue mentioned by others or an error message generated by the program itself as the obvious explanations.


0 Kudos
Reply
Kellogg Unix Team
Trusted Contributor

‎11-14-2002 09:24 AM

‎11-14-2002 09:24 AM

Re: Setuid execution not allowed

Did it ever work or is it the first time you are trying to run it?

(the reason for asking is - is the binary for same version of hp-ux?)

Rgds
...Manjeet
work is fun ! (my manager is standing behind me!!)
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.