HPE Community
Operating System - HP-UX
1819901 Members
2484 Online
109607 Solutions
New Discussion юеВ

Re: Special permissions

 
Manuales
Super Advisor

тАО09-08-2007 11:12 PM

тАО09-08-2007 11:12 PM

Special permissions

Hi ...
i have a user trustable as root, it is for monitoring some things into the servers ...

then, i need to send a report about configuration of the server .. my user id is named "usertrust" and i want he can use the command print_manifest , i know that exists something about to give special permissions ...

the command is as follows:
$ ls -rlt /opt/ignite/bin/print_manifest
-r-xr-xr-x 1 bin bin 40960 Jan 19 2001 /opt/ignite/bin/print_manifest

how change the permissions for being used for other user different to root?

please let me know.
thanks.
0 Kudos
Reply
8 REPLIES 8
Steven E. Protter
Exalted Contributor

тАО09-08-2007 11:17 PM

тАО09-08-2007 11:17 PM

Re: Special permissions

Shalom,

http://software.hp.com
Search for Internet Express

Pick the version for your OS.

Install sudo

This will let you elevate the priviledges for a command for any user one command at a time.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Manuales
Super Advisor

тАО09-08-2007 11:18 PM

тАО09-08-2007 11:18 PM

Re: Special permissions

but exists something like "sticky", do you know that?
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

тАО09-09-2007 12:20 AM

тАО09-09-2007 12:20 AM

Re: Special permissions

Shalom,

I think the version I refer to is not a problem with the sticky bit. It installs without issue.

If you get an install error, you can set the sticky bit on the binary after installation and everything will work right.

I find the Quality Assurance on software.hp.com superior to that on the external open source HP-UX porting and archive center software.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Manuales
Super Advisor

тАО09-09-2007 12:51 AM

тАО09-09-2007 12:51 AM

Re: Special permissions

the thing here is that i do not know how to use sticky bit ... could you please give me an example ? thanks in advance.

regards.
0 Kudos
Reply
Ivan Krastev
Honored Contributor

тАО09-09-2007 01:07 AM

тАО09-09-2007 01:07 AM

Re: Special permissions

Perhaps you mean setud bit - http://en.wikipedia.org/wiki/Setuid


regards,
ivan
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

тАО09-09-2007 01:12 AM

тАО09-09-2007 01:12 AM

Re: Special permissions

Hi Manuales:

# but exists something like "sticky", do you know that?

You are confusing the 'sticky' bit with the 'setuid' bit. On executables, the 'sticky' bit is set the 'text' (code instructions) are retained in swap space when the last user of the executable terminates. The next instantiation of the executable is faster because the kernel can simply swap-in the text rather than fetch the executable by seaching the filesystem.

The 'setuid' bit allows the process to run with the privileges of the file's owner. In the case of the owner being 'root' this would confer 'root' privileges to the process running it.

Setuid scripts are disallowed in current HP-UX versions. They are, and always have been a security risk. Setuid binary executables are allowed, and it is possible to craft a setuid C-program wrapper to allow "privileded" execution of a particular script.

The use of 'sudo' is the appropriate solution for a non-root user, though.

The manpages for 'chmod(1)' and 'chmod(2)' wil offer you more information on the various mode bits.

Regards!

...JRF...
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

тАО09-09-2007 01:13 AM

тАО09-09-2007 01:13 AM

Re: Special permissions

Shalom,

I always remember any post installation steps by seeing the install log.

Please install sudo as I've recommended and then update the installation log.

Then I can provide post installation steps. As I stated I don't think there are any for the product ixsudo provided by HP.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
whiteknight
Honored Contributor

тАО09-09-2007 03:38 AM

тАО09-09-2007 03:38 AM

Re: Special permissions


Manuales,

You can use HP 's Sudo equivalent called RBAC to assign a role to a particular user.

http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=AccessControl

Check it out!
WK
please assign points
Problem never ends, you must know how to fix it
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.