• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 305
  • Last Modified:

solaris permission question

Hi all O/S experts,
On Solaris 9 simply I have user x own an application and user y normal user on the system , I need user y to execute the application as it is user x " the owner", so when you check the process status you will find that user x running the application not user y. even if the appliction will create an output file , this file should be owned by user x too.

How can we impliment that ?

Thanks in advance

Husam
0
husamzm
Asked:
husamzm
1 Solution
 
bloemkool1980Commented:
If the process is spawned by user X the log file will have the same owner ship if the logfile is not created via the syslog because then default owner of the log file will be root.
If you would like that user Y can start the application you will have to give him the rights to do it, meaning that the user needs execute rights on the application.
But the owner of the process will be also the owner of the log file normally.
So who is the owner of the logfile in your case when Y launches the application and where is it stored, and does it go via the syslog ??
0
 
ocon827679Commented:
Won't setuid do this?  If the file system was created with default attribs, you shuld be able to set permissions so that the SUID will have the executable run as the owner, regardless of who actually executes it.  Look at the man page for chmod.  I believe all you need to do is set the permissions with the chmod command.  "chmod 4755 filename"  the "4" turns on the setuid bit.
0
 
fim32Commented:
true, setuid will do that.

another option would be sudo.  once you allow user y to run user x's script as user x, user y can just:

sudo -u y script
0
 
mdhmiCommented:

Solaris 9 ships with RBAC.  Using RBAC would be preferred in the sense that it is supported by Sun.  sudo, however, would be the easiest solution.  You can download sudo from http://www.sunfreeware.com.

Mark
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now