Running a process requiring super user privilege from non super user - HP UX

This is a discussion on Running a process requiring super user privilege from non super user - HP UX ; Hi All It is a serious help required. I want to write a time synchronization service in BEA TUXEDO. This service will synchronize the time of a client machine according to the server machine. For this I wrote one tuxedo ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Running a process requiring super user privilege from non super user

  1. Running a process requiring super user privilege from non super user

    Hi All
    It is a serious help required. I want to write a time
    synchronization service in BEA TUXEDO. This service will synchronize
    the time of a client machine according to the server machine. For this
    I wrote one tuxedo service and after compiling I gave it super user
    priviledge to run settimeofday function of C . I did it by making root
    its owner and set the s uid bit by chmod u+s.
    But when I give tmboot the service does not get started giving
    following error :-

    error while loading shared libraries: libtux.so: cannot open shared
    object file: No such file or directory

    if I remove the set uid bit it gets booted but the time of the client
    machine will not be changed.

    Anyone kindly help me. I am struggling for a long time and this is a
    very critical problem. I did not find any TUXEDO specific group on
    internet.

    Thanks in advance


  2. Re: Running a process requiring super user privilege from non super user


    For security reasons, shared library searching and resolution is
    different for setuid programs. Run "man 5 dld.sl" and look for the
    section titled " Running Setuid Programs" on HP-UX 11I version 2 or
    later. It says in part :

    Running Setuid Programs
    For looking up shared libraries for setuid applications, the
    dynamic
    loader uses only the paths listed in /etc/dld.sl.conf.

    If LD_LIBRARY_PATH and SHLIB_PATH are set, they are validated
    against
    the list of paths in /etc/dld.sl.conf. (This allows the
    individual
    applications to appropriately order the list from the conf
    file).

    You can turn this feature off by setting the option _HP_DLDOPTS
    to -
    no_setuidpath. Using this option disables setuid programs from
    all
    dynamic path lookup.


    - Carl Burch

    HP WDB Team


  3. Re: Running a process requiring super user privilege from non superuser

    chets wrote:
    > It is a serious help required. I want to write a time
    > synchronization service in BEA TUXEDO. This service will synchronize
    > the time of a client machine according to the server machine.


    Isn't there already something like this already? Why reinvent the
    wheel. ntp
    http://forums1.itrc.hp.com/service/f...readId=1063153

    You can search ITRC for other threads.


+ Reply to Thread