Re: suid shell script

2003-03-11 Thread Peter Elsner 
One creates the script, places it in /usr/local/bin (for example), and runs 
it via a root CRONTAB entry.



At 12:42 AM 3/11/2003 -0500, you wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday, March 11, 2003, at 12:28  AM, Jonathan Chen wrote:
Dunno about Linux, but every other modern UNIX out there doesn't allow
setuid scripts.
Thanks for your response. Now my question is - how does one automate tasks 
requiring root privileges?

Paul Lathrop
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.1 (Darwin)
iD8DBQE+bXczlos2supvBQwRApNCAJ4hBh/IW04wPaNl/dYQ97elF2OzIwCfecdP
Twx+Q8robLPf47PCbCsn0HU=
=HKrj
-END PGP SIGNATURE-
To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message
--
Peter Elsner [EMAIL PROTECTED]
Vice President Of Customer Service (And System Administrator)
1835 S. Carrier Parkway
Grand Prairie, Texas 75051
(972) 263-2080 - Voice
(972) 263-2082 - Fax
(972) 489-4838 - Cell Phone
(425) 988-8061 - eFax
I worry about my child and the Internet all the time, even though she's
too young to have logged on yet. Here's what I worry about. I worry
that 10 or 15 years from now, she will come to me and say Daddy, where
were you when they took freedom of the press away from the Internet?
-- Mike Godwin
Unix IS user friendly... It's just selective about who its friends are.
System Administration - It's a dirty job, but somebody said I had to do it.
If you receive something that says 'Send this to everyone you know,
pretend you don't know me.
Standard $500/message proofreading fee applies for UCE.



To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

Re: suid shell script

2003-03-11 Thread Lee Harr 
There are a couple of scripts I use for my own convenience
that I ran setuid root


I have one of those: my dialer script.

What I did is create a short C wrapper:

#include stdlib.h

int main() {
system(/root/bin/dial);
return 0;
}
Then I made that suid root.

_
Tired of spam? Get advanced junk mail protection with MSN 8. 
http://join.msn.com/?page=features/junkmail

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

suid shell script

2003-03-10 Thread Paul Lathrop 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I must admit I feel silly having to ask, but I've been banging my head 
against this for a couple days now and I am completely stumped.

I just recently switched from Slackware Linux 8.0 to FreeBSD. There are 
a couple of scripts I use for my own convenience that I ran setuid root 
on my Linux box. All that I had to do was make sure the scripts were 
owned by root, and then do a chmod 4711 on them to make it work in 
Linux. I just set up a script on FreeBSD - the first time I've actually 
done it since I switched. I followed the same procedure, but when I run 
the script as a normal user, it does not run with elevated priveleges.

I've scoured the web for info on this but all I have been able to find 
references to are difficulties with Perl scripts. I don't know Perl 
(yet). I took all the extraneous stuff out of my script and boiled it 
down to three simple commands that I know work - just to make sure my 
program logic wasn't the problem.

Here it is:

#!/bin/tcsh

mkdir $3
chown -R $1 $3
chgrp -R $2 $3
chmod -R 771 $3
So now it's down to a proof-of-concept script. If I can make this work 
with the elevated privileges, I can move on to the real script. Can 
anyone out there help me understand what I am doing wrong?

Thanks,
Paul D. Lathrop
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.1 (Darwin)
iD8DBQE+bWgklos2supvBQwRAtZ8AJ48Xs+FIweasAck0/Iz47mnp2VeUACfZZXr
+QBNLYIcHErEwbaP6HDZBM0=
=/b6N
-END PGP SIGNATURE-
To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

Re: suid shell script

2003-03-10 Thread Paul Lathrop 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday, March 11, 2003, at 12:28  AM, Jonathan Chen wrote:
Dunno about Linux, but every other modern UNIX out there doesn't allow
setuid scripts.
Thanks for your response. Now my question is - how does one automate 
tasks requiring root privileges?

Paul Lathrop
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.1 (Darwin)
iD8DBQE+bXczlos2supvBQwRApNCAJ4hBh/IW04wPaNl/dYQ97elF2OzIwCfecdP
Twx+Q8robLPf47PCbCsn0HU=
=HKrj
-END PGP SIGNATURE-
To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

Re: suid shell script

2003-03-10 Thread Ryan Thompson 
Paul Lathrop wrote to Jonathan Chen:

 Thanks for your response. Now my question is - how does one automate
 tasks requiring root privileges?

From /usr/ports/security/sudo/pkg-descr:

  Sudo is a program designed to allow a sysadmin to give limited root
  privileges to users and log root activity.  The basic philosophy is
  to give as few privileges as possible but still allow people to get
  their work done.

Sudo allows you to micro-manage as much as you like, so you can
assign specific privileges to specific users, without the need to hand
out root passwords. I can't imagine life without it. It's also easy to
set up.

- Ryan

-- 
  Ryan Thompson [EMAIL PROTECTED]

  SaskNow Technologies - http://www.sasknow.com
  901-1st Avenue North - Saskatoon, SK - S7K 1Y4

Tel: 306-664-3600   Fax: 306-244-7037   Saskatoon
  Toll-Free: 877-727-5669 (877-SASKNOW) North America


To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message