John Turner wrote:
You're right, file ownership has nothing to do with run privileges.
Can you clarify what you need?
Is accountB the only account allowed to use rsh? Or are you saying that you want to use rsh to login into a remote host as accountB, but accountA will launch rsh?
OK. We allow a certain account "accountB" to be able to rsh on users machine with the user's account so
for example we can check their proper installation etc.
Therefore what I want to do is for example have accountB run "rsh -l userA userAmachine 'ls /home/userA/someDir'"
The .rhosts file of the users allow that access.
But tomcat as well as all DB related things run as a different account "accountA".
So how can I get accountB to run the rsh command?
I hope I did not confuse you too much ?!
Astrid
If the latter, then use the "-l" command-line option to rsh to specify the remote host account name to use, just as you would with ssh.
John
Astrid Wagner wrote:
Hi,
Can you detail the second solution a little bit:
I can create a shell sript with my rsh system command in it and owned by
accountB but it will still run as accountA when called by a servlet, won't it.
I am no unix expert, maybe you have an example.
Thanks
Astrid
Ralph Einfeldt wrote:
There are a couple of solutions that allow you to achive that.
Which solution is best, depends on your requirements.
Some solutions that require a wrapper script: - script that calls rsh by super or sudo or something like that - script that is owned by accountB and has the setuid bit set and calls the rsh command directly
-----Original Message----- From: Astrid Wagner [mailto:[EMAIL PROTECTED] Sent: Thursday, July 24, 2003 3:44 PM To: [EMAIL PROTECTED] Subject: running as diff. account
E.g All web applications etc. run as "accountA" but my web application needs to call a "rsh" command (via native interface) run as "accountB".
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
