On 08/13/09 00:19, nono wrote:
HI,
I'm a new user of this OS.
Here is my problem :
The permissions on special file /dev/ip are "666 root sys".
I tried to modify this permission with the following command line without
effect :
Gee, I am glad that it did not take effect. You should not change the
permissions on system delivered files and devices.
update_drv -m 'ip 0660 root sys' ip
The modification appear in minor_perm file but not on filesystem, even after
reboot.
So, I open the documentation and can read that filesystem permissions are not
sufficient to access to this file because it is protected by DAC.
It's necessary to have "net_rawaccess" privilege to open /dev/ip.
So how can I verify users or roles who have this privilege ? Is there a command
to list them all ?
ppriv $$ gives the permissions of the shell.
thanks for your help
The sample below is with Solaris 10, although it should make no
difference with OpenSolaris.
s...@marlton: 306% cat /var/tmp/t.c
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <stdio.h>
main()
{
int fd;
int flags;
flags = O_RDWR;
fd = open("/dev/ip", flags);
if ( fd < 0 )
{
printf("open failed\n");
}
else
{
printf("open succeeded with fd: %d\n", fd);
close(fd);
}
}
s...@marlton: 312% /var/tmp/t
open failed
s...@marlton: 313% grep stw /etc/user_attr
stw::::type=normal;defaultpriv=basic,dtrace_kernel,dtrace_proc,dtrace_user,cpc_cpu,sys_resource
s...@marlton: 314% /var/tmp/t
open succeeded with fd: 3
s...@marlton: 315% grep stw /etc/user_attr
stw::::type=normal;defaultpriv=basic,dtrace_kernel,dtrace_proc,dtrace_user,cpc_cpu,sys_resource,net_rawaccess
_______________________________________________
opensolaris-discuss mailing list
[email protected]
