Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

which permission to backup the system

Posted on 2004-05-01
9
Medium Priority
?
324 Views
Last Modified: 2013-12-27
Hi Gurus,
How to give a user a permission to backup & restore all the filesystems including root file system with ufsdump without give him all root privilleges?
Thanks
0
Comment
Question by:husamzm
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 21

Accepted Solution

by:
tfewster earned 500 total points
ID: 10966496
Installing sudo from http://www.sunfreeware.com/   (Documentation at http://www.sudo.ws/sudo/readme.html ) would allow you to grant a user root permissions for running the ufsdump command;  I'm not sure if Solaris has any other built in facility to give Operator type access to certain users.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 10966645
either sudo, or a program (not script!) owned by root and UID bit set
0
 

Author Comment

by:husamzm
ID: 10970102
I don't preffer to use 3rd party, the system under support and in production,
How can you impliment the UID bit set ?
Thanks
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 21

Expert Comment

by:tfewster
ID: 10970166
The problem with writing your own utility is that you may create security loopholes; It would be worth talking to your support company to see if they will give you permission to install sudo; sudo is a well known and trusted utility that will not create any support problems.

sunfreeware is a well known & trusted site for binaries, although checking and compiling the sources yourself is always preferable - and if you do that, it's as good as software you've written yourself ;-)
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 10977595
> How can you impliment the UID bit set ?
do you mean for scripts?
You cannot, if the OS does not allow it, for obvious reason.
0
 

Expert Comment

by:rkotara
ID: 11001814
The short answer to your question:
How can you impliment the UID bit set ?
is to use the chmod util to modify the script permissions.  The file should be owned by root.
"chmod 4755 filename" where filename is the name of your script.

This sets the permissions so that root can edit, group and anyone can execute.  If you want just a certain group to be able to run it, do:
"chmod 4750 filename" and make sure that persons group is assigned to file so they can execute.

If you need to remove the SUID setting, just do "chmod 0750" or whatever to remove the SUID bit.

I do remember having some problems with the environment of SUID scripts and think there was a switch to include for KSH on the first line.  It might be "#!/bin/ksh -p" I think (without the quotes, of course).

Hope this helps some.
0
 

Expert Comment

by:s0larisw1z
ID: 11093746
No need to go the evil route of SUID scripts. All that is needed is for
the user to be in the group that owns the raw device (typically sys).
As ufsdump reads raw devices, rather than files, no permissions issues.

Also, ufsdump should be run on a 'quiet' filesystem, preferably
in single-user mode. Most installations require root password
for single-user anyway.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's say you need to move the data of a file system from one partition to another. This generally involves dismounting the file system, backing it up to tapes, and restoring it to a new partition. You may also copy the file system from one place to…
Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Suggested Courses

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question