Solved

solaris permission question

Posted on 2004-03-24
6
277 Views
Last Modified: 2013-12-27
Hi all O/S experts,
On Solaris 9 simply I have user x own an application and user y normal user on the system , I need user y to execute the application as it is user x " the owner", so when you check the process status you will find that user x running the application not user y. even if the appliction will create an output file , this file should be owned by user x too.

How can we impliment that ?

Thanks in advance

Husam
0
Comment
Question by:husamzm
6 Comments
 
LVL 6

Expert Comment

by:bloemkool1980
ID: 10675104
If the process is spawned by user X the log file will have the same owner ship if the logfile is not created via the syslog because then default owner of the log file will be root.
If you would like that user Y can start the application you will have to give him the rights to do it, meaning that the user needs execute rights on the application.
But the owner of the process will be also the owner of the log file normally.
So who is the owner of the logfile in your case when Y launches the application and where is it stored, and does it go via the syslog ??
0
 
LVL 13

Expert Comment

by:ocon827679
ID: 10676623
Won't setuid do this?  If the file system was created with default attribs, you shuld be able to set permissions so that the SUID will have the executable run as the owner, regardless of who actually executes it.  Look at the man page for chmod.  I believe all you need to do is set the permissions with the chmod command.  "chmod 4755 filename"  the "4" turns on the setuid bit.
0
 
LVL 7

Accepted Solution

by:
fim32 earned 125 total points
ID: 10689053
true, setuid will do that.

another option would be sudo.  once you allow user y to run user x's script as user x, user y can just:

sudo -u y script
0
 
LVL 1

Expert Comment

by:mdhmi
ID: 10689776

Solaris 9 ships with RBAC.  Using RBAC would be preferred in the sense that it is supported by Sun.  sudo, however, would be the easiest solution.  You can download sudo from http://www.sunfreeware.com.

Mark
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A metadevice consists of one or more devices (slices). It can be expanded by adding slices. Then, it can be grown to fill a larger space while the file system is in use. However, not all UNIX file systems (UFS) can be expanded this way. The conca…
FreeBSD on EC2 FreeBSD (https://www.freebsd.org) is a robust Unix-like operating system that has been around for many years. FreeBSD is available on Amazon EC2 through Amazon Machine Images (AMIs) provided by FreeBSD developer and security office…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now