non root user - who has file open - SCO

This is a discussion on non root user - who has file open - SCO ; I am using SCO OSR6 and have used lsof and fuser as root to see who has a particular file open but now i want to incorporate a similar test into a script used by normal users. As a normal ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: non root user - who has file open

  1. non root user - who has file open

    I am using SCO OSR6 and have used lsof and fuser as root to see who
    has a particular file open but now i want to incorporate a similar
    test into a script used by normal users.

    As a normal user I get the following errors

    $ lsof
    lsof: can't read kernel name list from /stand/unix

    $ /etc/fuser -u thefile
    UX:fuser: ERROR: open of /dev/kmem failed: Permission denied

    $ ls -l /stand/unix /dev/kmem
    cr--r----- 1 root mem 2, 1 Nov 8 10:34 /dev/kmem
    -r--r----- 1 bin mem 2890500 May 16 14:15 /stand/unix

    Is it advisable to give ordinary users permissions in these areas or
    is there some other utility I would be better off using?


    Regards

    James


  2. Re: non root user - who has file open

    On 8 Nov, 15:41, James_Szabadics wrote:
    > I am using SCO OSR6 and have used lsof and fuser as root to see who
    > has a particular file open but now i want to incorporate a similar
    > test into a script used by normal users.
    >
    > As a normal user I get the following errors
    >
    > $ lsof
    > lsof: can't read kernel name list from /stand/unix
    >
    > $ /etc/fuser -u thefile
    > UX:fuser: ERROR: open of /dev/kmem failed: Permission denied
    >
    > $ ls -l /stand/unix /dev/kmem
    > cr--r----- 1 root mem 2, 1 Nov 8 10:34 /dev/kmem
    > -r--r----- 1 bin mem 2890500 May 16 14:15 /stand/unix
    >
    > Is it advisable to give ordinary users permissions in these areas or
    > is there some other utility I would be better off using?
    >
    > Regards
    >
    > James


    Hi James,

    It would be a bad idea to start changing perms in these areas as you
    would leave yourself wide open in terms of system security.

    However OSR6 like UnixWare 7 has the "tfadmin" facility which allows
    users to run privelaged commands which should do the job for you.
    Check out the following SCO TA :

    http://wdb1.sco.com/kb/showta?taid=1...376055&pgnum=1

    Let me know if this doesn't help or you require further advice.




  3. Re: non root user - who has file open

    In article <1194485784.336363.171560@v23g2000prn.googlegroups. com>,
    James_Szabadics wrote:
    >I am using SCO OSR6 and have used lsof and fuser as root to see who
    >has a particular file open but now i want to incorporate a similar
    >test into a script used by normal users.
    >
    >As a normal user I get the following errors
    >
    >$ lsof
    >lsof: can't read kernel name list from /stand/unix
    >
    >$ /etc/fuser -u thefile
    >UX:fuser: ERROR: open of /dev/kmem failed: Permission denied
    >
    >$ ls -l /stand/unix /dev/kmem
    >cr--r----- 1 root mem 2, 1 Nov 8 10:34 /dev/kmem
    >-r--r----- 1 bin mem 2890500 May 16 14:15 /stand/unix
    >
    >Is it advisable to give ordinary users permissions in these areas or
    >is there some other utility I would be better off using?


    It looks like lsof gives up its setgid mem before attempting to open
    /stand/unix. You can address that by making /stand/unix all-readable:

    # btmnt -w
    # chmod a+r /stand/unix
    # btmnt -r

    You'll need to arrange for those permissions to be set whenever you relink.

    John
    --
    John DuBois spcecdt@armory.com KC6QKZ/AE http://www.armory.com/~spcecdt/

  4. Re: non root user - who has file open

    On Nov 9, 1:18 am, Upsidedown Head
    wrote:
    > On 8 Nov, 15:41, James_Szabadics wrote:
    >
    >
    >
    >
    >
    > > I am using SCO OSR6 and have used lsof and fuser as root to see who
    > > has a particular file open but now i want to incorporate a similar
    > > test into a script used by normal users.

    >
    > > As a normal user I get the following errors

    >
    > > $ lsof
    > > lsof: can't read kernel name list from /stand/unix

    >
    > > $ /etc/fuser -u thefile
    > > UX:fuser: ERROR: open of /dev/kmem failed: Permission denied

    >
    > > $ ls -l /stand/unix /dev/kmem
    > > cr--r----- 1 root mem 2, 1 Nov 8 10:34 /dev/kmem
    > > -r--r----- 1 bin mem 2890500 May 16 14:15 /stand/unix

    >
    > > Is it advisable to give ordinary users permissions in these areas or
    > > is there some other utility I would be better off using?

    >
    > > Regards

    >
    > > James

    >
    > Hi James,
    >
    > It would be a bad idea to start changing perms in these areas as you
    > would leave yourself wide open in terms of system security.
    >
    > However OSR6 like UnixWare 7 has the "tfadmin" facility which allows
    > users to run privelaged commands which should do the job for you.
    > Check out the following SCO TA :
    >
    > http://wdb1.sco.com/kb/showta?taid=1...&sid=522376055...
    >
    > Let me know if this doesn't help or you require further advice.- Hide quoted text -
    >
    > - Show quoted text -


    Hmm,

    $ man tfadmin
    man: tfadmin not found
    $ find /sbin -name tfadmin*
    $

    It seems OSR6 doesnt natively have tfadmin. Maybe it has the OSR5
    equivalent if such a thing exists? I would prefer to use this in the
    script rather than change perms. Any ideas on where to from here?

    Regards

    James


  5. Re: non root user - who has file open

    In article <1194582102.637710.251860@s15g2000prm.googlegroups. com>,
    James_Szabadics wrote:
    >On Nov 9, 1:18 am, Upsidedown Head
    >wrote:
    >> On 8 Nov, 15:41, James_Szabadics wrote:
    >>


    >>

    >It seems OSR6 doesnt natively have tfadmin. Maybe it has the OSR5
    >equivalent if such a thing exists? I would prefer to use this in the
    >script rather than change perms. Any ideas on where to from here?
    >

    its been awhile since i've been on SCO, but there is something
    out there called 'sudo' which can allow you to setup a configuration
    to allow certain users or groups to run commands in a priviledged
    mode.

    i believe there is also something called 'asroot' which is
    in Openserver.


    Dave


+ Reply to Thread