Solved

solaris permission question

Posted on 2004-03-24
6
276 Views
Last Modified: 2013-12-27
Hi all O/S experts,
On Solaris 9 simply I have user x own an application and user y normal user on the system , I need user y to execute the application as it is user x " the owner", so when you check the process status you will find that user x running the application not user y. even if the appliction will create an output file , this file should be owned by user x too.

How can we impliment that ?

Thanks in advance

Husam
0
Comment
Question by:husamzm
6 Comments
 
LVL 6

Expert Comment

by:bloemkool1980
ID: 10675104
If the process is spawned by user X the log file will have the same owner ship if the logfile is not created via the syslog because then default owner of the log file will be root.
If you would like that user Y can start the application you will have to give him the rights to do it, meaning that the user needs execute rights on the application.
But the owner of the process will be also the owner of the log file normally.
So who is the owner of the logfile in your case when Y launches the application and where is it stored, and does it go via the syslog ??
0
 
LVL 13

Expert Comment

by:ocon827679
ID: 10676623
Won't setuid do this?  If the file system was created with default attribs, you shuld be able to set permissions so that the SUID will have the executable run as the owner, regardless of who actually executes it.  Look at the man page for chmod.  I believe all you need to do is set the permissions with the chmod command.  "chmod 4755 filename"  the "4" turns on the setuid bit.
0
 
LVL 7

Accepted Solution

by:
fim32 earned 125 total points
ID: 10689053
true, setuid will do that.

another option would be sudo.  once you allow user y to run user x's script as user x, user y can just:

sudo -u y script
0
 
LVL 1

Expert Comment

by:mdhmi
ID: 10689776

Solaris 9 ships with RBAC.  Using RBAC would be preferred in the sense that it is supported by Sun.  sudo, however, would be the easiest solution.  You can download sudo from http://www.sunfreeware.com.

Mark
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

When you do backups in the Solaris Operating System, the file system must be inactive. Otherwise, the output may be inconsistent. A file system is inactive when it's unmounted or it's write-locked by the operating system. Although the fssnap utility…
In tuning file systems on the Solaris Operating System, changing some parameters of a file system usually destroys the data on it. For instance, changing the cache segment block size in the volume of a T3 requires that you delete the existing volu…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now