Operating System - HP-UX
1827802 Members
2304 Online
109969 Solutions
New Discussion

sig_named and normal user

 
galu
New Member

sig_named and normal user

Hi!
I want to allow common users mofify DNS entries and restart named with sig_named restart. I tried to write script with SUID but it didn't work. I get return: "kill: 4272: Permission denied". Is it possible do it and how?

G.
3 REPLIES 3
Jaime Bolanos Rojas.
Honored Contributor

Re: sig_named and normal user

Galu,

Maybe this page will help you out, please take a look at it:

"Aside: We assume that the production BIND configuration will be changed/managed by root. You may prefer to create a specific user for this task at this stage, e.g. 'dnsmgr' which belongs to the 'bind' group and has write access to /dns/etc/named.conf and /dns/var/named."

http://www.boran.com/security/sp/bind9_20010430.html

Regards,

Jaime.
Work hard when the need comes out.
Peter Nikitka
Honored Contributor

Re: sig_named and normal user

Hi,

1. I would not do that - tempering with DNS data by a normal user ...?? He/she should know what's going on!
2. Install and use sudo, you'll find it here (and at other places as well ...):

http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXIEXP1111

mfG Peter
The Universe is a pretty big place, it's bigger than anything anyone has ever dreamed of before. So if it's just us, seems like an awful waste of space, right? Jodie Foster in "Contact"
James R. Ferguson
Acclaimed Contributor

Re: sig_named and normal user

Hi:

You didn't specify the operating system version nor exactly how you implemented a 'suid' solution.

If you implemented this as only a shell script, then only the effective uid, not the real uid will reflect 'root'. Some tasks require the real id to be root for privilege. This can only be accomplished by calling 'setresuid(2)' in a C program.

Regards!

...JRF...