Re: User privileges

haimi · ‎10-21-2008

Hello Geeks,

How can I allow normal user to execute System Admin commands like 'swlist' or 'diskinfo'?

Thanks

Jeeshan · ‎10-21-2008

you can use SUID bit to swlist or diskinfo command

or you can use SUDO.

a warrior never quits

Suraj K Sankari · ‎10-21-2008

Hi,

To configure sudo you need to take this steps.
/usr/sbin/visudo it will open the file /etc/sudoers
put these entry into it
%groupname servername=/usr/sbin/diskinfo,/usr/sbin/swlist
or
username servername=/usr/sbin/diskinfo,/usr/sbin/swlist

Save the file

switch to user username
run
sudo /usr/sbin/diskinfo
it will ask passwd of the user

Suraj

Dennis Handly · ‎10-22-2008

>System Admin commands like 'swlist'

Normally swlist doesn't need root. You can use swacl to restrict it.

Jannik · ‎10-22-2008

Compile this small progam:
#include
#include

int main (argc, argv)
int argc;
char **argv;
{
if (setuid (0) == 0)
{
return (system ("yourprogram"));
}
else
{
perror ("setuid");
return (1);
}
}

Make changes yourprogram to say diskinfo or swlist or some other. After the compile

# cc program.c

Change the permissions:

# chmod 4755 a.out

This program is a security risk as anything else that will compromise the execution of privileged programs.
But then so is sudo :-)

jaton

Grayh · ‎10-22-2008

Some of my below discussions should be of great help to you

http://forums12.itrc.hp.com/service/forums/questionanswer.do?threadId=1272931

http://forums12.itrc.hp.com/service/forums/questionanswer.do?threadId=1275696

http://forums12.itrc.hp.com/service/forums/questionanswer.do?threadId=1272698

Adam W. · ‎10-22-2008

Haimi,
SUDO is your best (and safest) bet here. I use sudo for pretty much all of my users who need to do SPECIFIC tasks. If you need something more general SUDO may not be the way to go, but for specific commands and access, it is hard to beat SUDO.

There are two types of people in the world, Marines and those who wish they were.

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: User privileges

User privileges