user permission problems - SCO

This is a discussion on user permission problems - SCO ; I seem to be having some trouble with OpenServer 5.0.6. I need to be able to give permission to other users to do various tasks on the system, such as kill users and add and remove users and printers. I ...

+ Reply to Thread
Results 1 to 14 of 14

Thread: user permission problems

  1. user permission problems

    I seem to be having some trouble with OpenServer 5.0.6. I need to be
    able to give permission to other users to do various tasks on the
    system, such as kill users and add and remove users and printers. I
    set them up in the tcb and copied the kill command to their home dir.
    When they go to hit 'w' for the who command, it only shows them as
    logged in. I'm not sure why. Could you please help?

  2. Re: user permission problems

    On Mar 27, 6:44 am, "andrewm...@gmail.com"
    wrote:
    > I seem to be having some trouble with OpenServer 5.0.6. I need to be
    > able to give permission to other users to do various tasks on the
    > system, such as kill users and add and remove users and printers. I
    > set them up in the tcb and copied the kill command to their home dir.
    > When they go to hit 'w' for the who command, it only shows them as
    > logged in. I'm not sure why. Could you please help?


    I can't tell from your description what you're doing. Are you trying
    to set up the "asroot" utility?

    --RLR

  3. Re: user permission problems

    The asroot utility is setup. But its not working for the right
    people.


    On Mar 27, 11:37 am, ThreeStar wrote:
    > On Mar 27, 6:44 am, "andrewm...@gmail.com"
    > wrote:
    >
    > > I seem to be having some trouble with OpenServer 5.0.6. I need to be
    > > able to give permission to other users to do various tasks on the
    > > system, such as kill users and add and remove users and printers. I
    > > set them up in the tcb and copied the kill command to their home dir.
    > > When they go to hit 'w' for the who command, it only shows them as
    > > logged in. I'm not sure why. Could you please help?

    >
    > I can't tell from your description what you're doing. Are you trying
    > to set up the "asroot" utility?
    >
    > --RLR



  4. Re: user permission problems

    andrewm659@gmail.com wrote:
    > The asroot utility is setup. But its not working for the right
    > people.
    >
    >
    > On Mar 27, 11:37 am, ThreeStar wrote:
    >> On Mar 27, 6:44 am, "andrewm...@gmail.com"
    >> wrote:
    >>
    >>> I seem to be having some trouble with OpenServer 5.0.6. I need to be
    >>> able to give permission to other users to do various tasks on the
    >>> system, such as kill users and add and remove users and printers. I
    >>> set them up in the tcb and copied the kill command to their home dir.
    >>> When they go to hit 'w' for the who command, it only shows them as
    >>> logged in. I'm not sure why. Could you please help?

    >> I can't tell from your description what you're doing. Are you trying
    >> to set up the "asroot" utility?
    >>
    >> --RLR

    >


    Here's my handy dandy asroot cookbook - see if you missed some steps:

    1) If you have special purpose logins to do things requiring root
    permissions, make the special logins ".profile" read something like:

    :
    exec /tcb/bin/asroot

    Note you should put any commands in a shell script so asroot can execute
    it with root perms, and you can add sanity tests to prevent things like
    rm -r * while in / ).

    2) Create a symbolic link from the script/command to the dir
    "/tcb/files/rootcmds", like (if you make a kill script called "kill_it"):

    ln -s /usr/local/bin/kill_it /tcb/files/rootcmds

    3) Add the script name to the file "/etc/auth/system/authorize" at the
    root line, like:

    root:shutdown,kill_it

    4) Give the users root auth via scoadmin:

    scoadmin > account manager, select user then: Users > Authorizations

    add root and the special scripts like "kill_it' to the users that will
    use the scripts.

    I also found the man docs on asroot clear as mud when I first
    encountered it after switching to SCO from AT&T Unix back in the early 90's.

    The above cookbook took me more hours of WTF's and other colorful
    phrases one afternoon than I would care to admit to.

    --
    ----------------------------------------------------
    Pat Welch, UBB Computer Services, a WCS Affiliate
    SCO Authorized Partner
    Microlite BackupEdge Certified Reseller
    Unix/Linux/Windows/Hardware Sales/Support
    (209) 745-1401 Cell: (209) 251-9120
    E-mail: patubb@inreach.com
    ----------------------------------------------------

  5. Re: user permission problems

    On 27 Mar, 13:44, "andrewm...@gmail.com" wrote:
    > I seem to be having some trouble with OpenServer 5.0.6. *I need to be
    > able to give permission to other users to do various tasks on the
    > system, such as kill users and add and remove users and printers. *I
    > set them up in the tcb and copied the kill command to their home dir.
    > When they go to hit 'w' for the who command, it only shows them as
    > logged in. *I'm not sure why. *Could you please help?


    Install sudo. It's much more flexible and ocnfigurable than the
    "asroot" utility, it's used throughout the UNIX and Linux communities,
    it's well documented, and Brian White's site at ftp://pcunix.com/ has
    both patched source and binaries.

  6. Re: user permission problems


    ----- Original Message -----
    From: "Pat Welch"
    Newsgroups: comp.unix.sco.misc
    To:
    Sent: Thursday, March 27, 2008 7:30 PM
    Subject: Re: user permission problems


    > andrewm659@gmail.com wrote:
    >> The asroot utility is setup. But its not working for the right
    >> people.
    >>
    >>
    >> On Mar 27, 11:37 am, ThreeStar wrote:
    >>> On Mar 27, 6:44 am, "andrewm...@gmail.com"
    >>> wrote:
    >>>
    >>>> I seem to be having some trouble with OpenServer 5.0.6. I need to be
    >>>> able to give permission to other users to do various tasks on the
    >>>> system, such as kill users and add and remove users and printers. I
    >>>> set them up in the tcb and copied the kill command to their home dir.
    >>>> When they go to hit 'w' for the who command, it only shows them as
    >>>> logged in. I'm not sure why. Could you please help?
    >>> I can't tell from your description what you're doing. Are you trying
    >>> to set up the "asroot" utility?
    >>>
    >>> --RLR

    >>

    >
    > Here's my handy dandy asroot cookbook - see if you missed some steps:
    >
    > 1) If you have special purpose logins to do things requiring root
    > permissions, make the special logins ".profile" read something like:
    >
    > :
    > exec /tcb/bin/asroot
    >
    > Note you should put any commands in a shell script so asroot can execute
    > it with root perms, and you can add sanity tests to prevent things like
    > rm -r * while in / ).
    >
    > 2) Create a symbolic link from the script/command to the dir
    > "/tcb/files/rootcmds", like (if you make a kill script called "kill_it"):
    >
    > ln -s /usr/local/bin/kill_it /tcb/files/rootcmds
    >
    > 3) Add the script name to the file "/etc/auth/system/authorize" at the
    > root line, like:
    >
    > root:shutdown,kill_it
    >
    > 4) Give the users root auth via scoadmin:
    >
    > scoadmin > account manager, select user then: Users > Authorizations
    >
    > add root and the special scripts like "kill_it' to the users that will
    > use the scripts.
    >
    > I also found the man docs on asroot clear as mud when I first
    > encountered it after switching to SCO from AT&T Unix back in the early 90's.
    >
    > The above cookbook took me more hours of WTF's and other colorful
    > phrases one afternoon than I would care to admit to.
    >



    similarly
    http://groups.google.com/group/comp....68b628fc3a4938
    http://groups.google.com/group/comp....353cce2082a8fb

    Though I never actually used asroot for kill in production anywhere.
    I mostly used it to give users the ability to do manual tape backups.

    I wonder why I have fixmog as a final step? Probably just to ensure the perms on the copied binary.
    Which, I'm sure I read somewhere that you should copy the binary not link it, else i would always prefer to link it too.
    Maybe the symlink provides a means to side-step the very security you are trying to maintain?
    I don't know how, but, if you are using symlinks and it works, then the only reason I could see not to do it was some security concern.

    --
    Brian K. White brian@aljex.com http://www.myspace.com/KEYofR
    +++++[>+++[>+++++>+++++++<<-]<-]>>+.>.+++++.+++++++.-.[>+<---]>++.
    filePro BBx Linux SCO FreeBSD #callahans Satriani Filk!


  7. Re: user permission problems

    This didn't work. I set it up. When I run the 'w' command, all I get
    is myself logged in, instead of getting all the users who are idle.
    When I do a 'ps -ef' all I get is my running processes. I should be
    getting all the processes of the running system.



    On Mar 27, 6:30*pm, Pat Welch wrote:
    > andrewm...@gmail.com wrote:
    > > The asroot utility is setup. *But its not working for the right
    > > people.

    >
    > > On Mar 27, 11:37 am, ThreeStar wrote:
    > >> On Mar 27, 6:44 am, "andrewm...@gmail.com"
    > >> wrote:

    >
    > >>> I seem to be having some trouble with OpenServer 5.0.6. *I need to be
    > >>> able to give permission to other users to do various tasks on the
    > >>> system, such as kill users and add and remove users and printers. *I
    > >>> set them up in the tcb and copied the kill command to their home dir.
    > >>> When they go to hit 'w' for the who command, it only shows them as
    > >>> logged in. *I'm not sure why. *Could you please help?
    > >> I can't tell from your description what you're doing. *Are you trying
    > >> to set up the "asroot" utility?

    >
    > >> --RLR

    >
    > Here's my handy dandy asroot cookbook - see if you missed some steps:
    >
    > 1) If you have special purpose logins to do things requiring root
    > permissions, make the special logins ".profile" read something like:
    >
    > :
    > exec /tcb/bin/asroot
    >
    > Note you should put any commands in a shell script so asroot can execute
    > it with root perms, and you can add sanity tests to prevent things like
    > rm -r * while in / ).
    >
    > 2) Create a symbolic link from the script/command to the dir
    > "/tcb/files/rootcmds", like (if you make a kill script called "kill_it"):
    >
    > ln -s /usr/local/bin/kill_it */tcb/files/rootcmds
    >
    > 3) Add the script name to the file "/etc/auth/system/authorize" at the
    > root line, like:
    >
    > root:shutdown,kill_it
    >
    > 4) Give the users root auth via scoadmin:
    >
    > scoadmin > account manager, select user then: Users > Authorizations
    >
    > add root and the special scripts like "kill_it' to the users that will
    > use the scripts.
    >
    > I also found the man docs on asroot clear as mud when I first
    > encountered it after switching to SCO from AT&T Unix back in the early 90's.
    >
    > The above cookbook took me more hours of WTF's and other colorful
    > phrases one afternoon than I would care to admit to.
    >
    > --
    > ----------------------------------------------------
    > Pat Welch, UBB Computer Services, a WCS Affiliate
    > * * * * * * SCO Authorized Partner
    > * * * * * * Microlite BackupEdge Certified Reseller
    > * * * * * * Unix/Linux/Windows/Hardware Sales/Support
    > * * * * * * (209) 745-1401 Cell: (209) 251-9120
    > * * * * * * E-mail: pat...@inreach.com
    > ----------------------------------------------------



  8. Re: user permission problems

    NEVERMIND ----- THANK YOU!



    On Mar 27, 6:30*pm, Pat Welch wrote:
    > andrewm...@gmail.com wrote:
    > > The asroot utility is setup. *But its not working for the right
    > > people.

    >
    > > On Mar 27, 11:37 am, ThreeStar wrote:
    > >> On Mar 27, 6:44 am, "andrewm...@gmail.com"
    > >> wrote:

    >
    > >>> I seem to be having some trouble with OpenServer 5.0.6. *I need to be
    > >>> able to give permission to other users to do various tasks on the
    > >>> system, such as kill users and add and remove users and printers. *I
    > >>> set them up in the tcb and copied the kill command to their home dir.
    > >>> When they go to hit 'w' for the who command, it only shows them as
    > >>> logged in. *I'm not sure why. *Could you please help?
    > >> I can't tell from your description what you're doing. *Are you trying
    > >> to set up the "asroot" utility?

    >
    > >> --RLR

    >
    > Here's my handy dandy asroot cookbook - see if you missed some steps:
    >
    > 1) If you have special purpose logins to do things requiring root
    > permissions, make the special logins ".profile" read something like:
    >
    > :
    > exec /tcb/bin/asroot
    >
    > Note you should put any commands in a shell script so asroot can execute
    > it with root perms, and you can add sanity tests to prevent things like
    > rm -r * while in / ).
    >
    > 2) Create a symbolic link from the script/command to the dir
    > "/tcb/files/rootcmds", like (if you make a kill script called "kill_it"):
    >
    > ln -s /usr/local/bin/kill_it */tcb/files/rootcmds
    >
    > 3) Add the script name to the file "/etc/auth/system/authorize" at the
    > root line, like:
    >
    > root:shutdown,kill_it
    >
    > 4) Give the users root auth via scoadmin:
    >
    > scoadmin > account manager, select user then: Users > Authorizations
    >
    > add root and the special scripts like "kill_it' to the users that will
    > use the scripts.
    >
    > I also found the man docs on asroot clear as mud when I first
    > encountered it after switching to SCO from AT&T Unix back in the early 90's.
    >
    > The above cookbook took me more hours of WTF's and other colorful
    > phrases one afternoon than I would care to admit to.
    >
    > --
    > ----------------------------------------------------
    > Pat Welch, UBB Computer Services, a WCS Affiliate
    > * * * * * * SCO Authorized Partner
    > * * * * * * Microlite BackupEdge Certified Reseller
    > * * * * * * Unix/Linux/Windows/Hardware Sales/Support
    > * * * * * * (209) 745-1401 Cell: (209) 251-9120
    > * * * * * * E-mail: pat...@inreach.com
    > ----------------------------------------------------



  9. Re: user permission problems

    NEVERMIND its still not working.


    On Mar 27, 6:30*pm, Pat Welch wrote:
    > andrewm...@gmail.com wrote:
    > > The asroot utility is setup. *But its not working for the right
    > > people.

    >
    > > On Mar 27, 11:37 am, ThreeStar wrote:
    > >> On Mar 27, 6:44 am, "andrewm...@gmail.com"
    > >> wrote:

    >
    > >>> I seem to be having some trouble with OpenServer 5.0.6. *I need to be
    > >>> able to give permission to other users to do various tasks on the
    > >>> system, such as kill users and add and remove users and printers. *I
    > >>> set them up in the tcb and copied the kill command to their home dir.
    > >>> When they go to hit 'w' for the who command, it only shows them as
    > >>> logged in. *I'm not sure why. *Could you please help?
    > >> I can't tell from your description what you're doing. *Are you trying
    > >> to set up the "asroot" utility?

    >
    > >> --RLR

    >
    > Here's my handy dandy asroot cookbook - see if you missed some steps:
    >
    > 1) If you have special purpose logins to do things requiring root
    > permissions, make the special logins ".profile" read something like:
    >
    > :
    > exec /tcb/bin/asroot
    >
    > Note you should put any commands in a shell script so asroot can execute
    > it with root perms, and you can add sanity tests to prevent things like
    > rm -r * while in / ).
    >
    > 2) Create a symbolic link from the script/command to the dir
    > "/tcb/files/rootcmds", like (if you make a kill script called "kill_it"):
    >
    > ln -s /usr/local/bin/kill_it */tcb/files/rootcmds
    >
    > 3) Add the script name to the file "/etc/auth/system/authorize" at the
    > root line, like:
    >
    > root:shutdown,kill_it
    >
    > 4) Give the users root auth via scoadmin:
    >
    > scoadmin > account manager, select user then: Users > Authorizations
    >
    > add root and the special scripts like "kill_it' to the users that will
    > use the scripts.
    >
    > I also found the man docs on asroot clear as mud when I first
    > encountered it after switching to SCO from AT&T Unix back in the early 90's.
    >
    > The above cookbook took me more hours of WTF's and other colorful
    > phrases one afternoon than I would care to admit to.
    >
    > --
    > ----------------------------------------------------
    > Pat Welch, UBB Computer Services, a WCS Affiliate
    > * * * * * * SCO Authorized Partner
    > * * * * * * Microlite BackupEdge Certified Reseller
    > * * * * * * Unix/Linux/Windows/Hardware Sales/Support
    > * * * * * * (209) 745-1401 Cell: (209) 251-9120
    > * * * * * * E-mail: pat...@inreach.com
    > ----------------------------------------------------



  10. Re: user permission problems

    Its not there. I can't find it on skunkware either. Can you help me
    out? Do you have it for SCO Openserver 5.0.6?



    On Mar 27, 9:08*pm, Nico Kadel-Garcia wrote:
    > On 27 Mar, 13:44, "andrewm...@gmail.com" wrote:
    >
    > > I seem to be having some trouble with OpenServer 5.0.6. *I need to be
    > > able to give permission to other users to do various tasks on the
    > > system, such as kill users and add and remove users and printers. *I
    > > set them up in the tcb and copied the kill command to their home dir.
    > > When they go to hit 'w' for the who command, it only shows them as
    > > logged in. *I'm not sure why. *Could you please help?

    >
    > Install sudo. It's much more flexible and ocnfigurable than the
    > "asroot" utility, it's used throughout the UNIX and Linux communities,
    > it's well documented, and Brian White's site atftp://pcunix.com/has
    > both patched source and binaries.



  11. Re: user permission problems

    andrewm659@gmail.com wrote:

    Please don't top-post!

    >
    > On Mar 27, 9:08 pm, Nico Kadel-Garcia wrote:
    >> On 27 Mar, 13:44, "andrewm...@gmail.com" wrote:
    >>
    >>> I seem to be having some trouble with OpenServer 5.0.6. I need to be
    >>> able to give permission to other users to do various tasks on the
    >>> system, such as kill users and add and remove users and printers. I
    >>> set them up in the tcb and copied the kill command to their home dir.
    >>> When they go to hit 'w' for the who command, it only shows them as
    >>> logged in. I'm not sure why. Could you please help?

    >>
    >> Install sudo. It's much more flexible and ocnfigurable than the
    >> "asroot" utility, it's used throughout the UNIX and Linux communities,
    >> it's well documented, and Brian White's site atftp://pcunix.com/has
    >> both patched source and binaries.

    >
    > Its not there. I can't find it on skunkware either. Can you help me
    > out? Do you have it for SCO Openserver 5.0.6?
    >
    >


    http://www.aljex.com/bkw/sco/#sudo

    --
    RGB

  12. Re: user permission problems

    andrewm659@gmail.com wrote:
    > Its not there. I can't find it on skunkware either. Can you help me
    > out? Do you have it for SCO Openserver 5.0.6?
    >
    >
    >
    > On Mar 27, 9:08 pm, Nico Kadel-Garcia wrote:
    >> On 27 Mar, 13:44, "andrewm...@gmail.com" wrote:
    >>
    >>> I seem to be having some trouble with OpenServer 5.0.6. I need to be
    >>> able to give permission to other users to do various tasks on the
    >>> system, such as kill users and add and remove users and printers. I
    >>> set them up in the tcb and copied the kill command to their home dir.
    >>> When they go to hit 'w' for the who command, it only shows them as
    >>> logged in. I'm not sure why. Could you please help?

    >> Install sudo. It's much more flexible and ocnfigurable than the
    >> "asroot" utility, it's used throughout the UNIX and Linux communities,
    >> it's well documented, and Brian White's site atftp://pcunix.com/has
    >> both patched source and binaries.

    >


    Please read the last line of my post, where it said:

    Brian White's site atftp://pcunix.com/has both patched source and binaries.

  13. Re: user permission problems


    ----- Original Message -----
    From: "Nico Kadel-Garcia"
    Newsgroups: comp.unix.sco.misc
    To:
    Sent: Friday, April 04, 2008 6:31 PM
    Subject: Re: user permission problems


    > andrewm659@gmail.com wrote:
    >> Its not there. I can't find it on skunkware either. Can you help me
    >> out? Do you have it for SCO Openserver 5.0.6?
    >>
    >>
    >>
    >> On Mar 27, 9:08 pm, Nico Kadel-Garcia wrote:
    >>> On 27 Mar, 13:44, "andrewm...@gmail.com" wrote:
    >>>
    >>>> I seem to be having some trouble with OpenServer 5.0.6. I need to be
    >>>> able to give permission to other users to do various tasks on the
    >>>> system, such as kill users and add and remove users and printers. I
    >>>> set them up in the tcb and copied the kill command to their home dir.
    >>>> When they go to hit 'w' for the who command, it only shows them as
    >>>> logged in. I'm not sure why. Could you please help?
    >>> Install sudo. It's much more flexible and ocnfigurable than the
    >>> "asroot" utility, it's used throughout the UNIX and Linux communities,
    >>> it's well documented, and Brian White's site atftp://pcunix.com/has
    >>> both patched source and binaries.


    > Please read the last line of my post, where it said:
    >
    > Brian White's site atftp://pcunix.com/has both patched source and binaries.


    He may not have deduced where on pcunix.com to look.
    My directory there is /pub/bkw

    The binary and manpages tar for sudo is here:
    ftp://pcunix.com/pub/bkw/sudo.tar.bz2

    You will need to install oss646c first.
    If you don't have bzip2 to unpack the tar.bz2, and can't install gwxlibs, then there is a binary here:
    ftp://pcunix.com/pub/bkw/bzip2.tar.Z

    However, I don't beleive you need sudo anyways.
    asroot is already there and does work fine.
    Only if you actually needs some feature asroot can't handle would I bother with sudo.

    As for why users who run w can't see other users?
    You said you set up the kill command successfully, but then complained that the w command doesn't work.
    If you need them to be able to run w with root privs, then you have to set up the w command the same way.

    When I run w as a user I see everything, but, w (and who, and finger) gets much of it's info from /etc/utmp
    /etc/utmp is just a file that various programs update when users login,logout, or issue commands.
    It can become out of sync with reality or corrupt to a small or large degree lots of different ways.
    So, any time any of the utmp/wtmp/utmpx/wtmpx reading commands acts at all funny, one easy step to try is to reset those files. The only difficulty is ideally you should reboot or at least switch to single-user mode to do it and then immediately reboot afterwards back to normal mode.

    cd /etc
    >utmp
    >utmpx
    >wtmp
    >wtmpx

    shutdown -g0 -i6 y


    Another possible hint comes right from "man w"
    ---snip---
    Authorization
    The behavior of these utilities is affected by assignment of the
    mem authorization On systems installed with ``high'' security,
    this is usually reserved for system administrators. If you do not
    have this authorization, the output will be restricted to data
    about your activities. Refer to ``Using a secure system'' in the
    Operating System User's Guide for more details.
    ---snip---

    So, for me, setting up w in asroot with root privs, and adding w authorization to a user, and having that user run "/tcb/bin/asroot w" made no difference, but perhaps on your box it will. All my boxes are installed with the default security.
    You may want to do the same with ps.

    --
    Brian K. White brian@aljex.com http://www.myspace.com/KEYofR
    +++++[>+++[>+++++>+++++++<<-]<-]>>+.>.+++++.+++++++.-.[>+<---]>++.
    filePro BBx Linux SCO FreeBSD #callahans Satriani Filk!

  14. Re: user permission problems

    Brian K. White wrote:
    > ----- Original Message -----
    > From: "Pat Welch"
    > Newsgroups: comp.unix.sco.misc
    > To:
    > Sent: Thursday, March 27, 2008 7:30 PM
    > Subject: Re: user permission problems
    >
    >
    >> andrewm659@gmail.com wrote:
    >>> The asroot utility is setup. But its not working for the right
    >>> people.
    >>>
    >>>
    >>> On Mar 27, 11:37 am, ThreeStar wrote:
    >>>> On Mar 27, 6:44 am, "andrewm...@gmail.com"
    >>>> wrote:
    >>>>
    >>>>> I seem to be having some trouble with OpenServer 5.0.6. I need to be
    >>>>> able to give permission to other users to do various tasks on the
    >>>>> system, such as kill users and add and remove users and printers. I
    >>>>> set them up in the tcb and copied the kill command to their home dir.
    >>>>> When they go to hit 'w' for the who command, it only shows them as
    >>>>> logged in. I'm not sure why. Could you please help?
    >>>> I can't tell from your description what you're doing. Are you trying
    >>>> to set up the "asroot" utility?
    >>>>
    >>>> --RLR

    >> Here's my handy dandy asroot cookbook - see if you missed some steps:
    >>
    >> 1) If you have special purpose logins to do things requiring root
    >> permissions, make the special logins ".profile" read something like:
    >>
    >> :
    >> exec /tcb/bin/asroot
    >>
    >> Note you should put any commands in a shell script so asroot can execute
    >> it with root perms, and you can add sanity tests to prevent things like
    >> rm -r * while in / ).
    >>
    >> 2) Create a symbolic link from the script/command to the dir
    >> "/tcb/files/rootcmds", like (if you make a kill script called "kill_it"):
    >>
    >> ln -s /usr/local/bin/kill_it /tcb/files/rootcmds
    >>
    >> 3) Add the script name to the file "/etc/auth/system/authorize" at the
    >> root line, like:
    >>
    >> root:shutdown,kill_it
    >>
    >> 4) Give the users root auth via scoadmin:
    >>
    >> scoadmin > account manager, select user then: Users > Authorizations
    >>
    >> add root and the special scripts like "kill_it' to the users that will
    >> use the scripts.
    >>
    >> I also found the man docs on asroot clear as mud when I first
    >> encountered it after switching to SCO from AT&T Unix back in the early 90's.
    >>
    >> The above cookbook took me more hours of WTF's and other colorful
    >> phrases one afternoon than I would care to admit to.
    >>

    >
    >
    > similarly
    > http://groups.google.com/group/comp....68b628fc3a4938
    > http://groups.google.com/group/comp....353cce2082a8fb
    >
    > Though I never actually used asroot for kill in production anywhere.
    > I mostly used it to give users the ability to do manual tape backups.
    >
    > I wonder why I have fixmog as a final step? Probably just to ensure the perms on the copied binary.
    > Which, I'm sure I read somewhere that you should copy the binary not link it, else i would always prefer to link it too.
    > Maybe the symlink provides a means to side-step the very security you are trying to maintain?
    > I don't know how, but, if you are using symlinks and it works, then the only reason I could see not to do it was some security concern.
    >


    Hi, Brian.

    I would assume the symlink is done from another restricted dir, such as
    a support dir owned by the support login, and only RW perms for the owner.

    It wouldn't make much sense to symlink in from a world readable dir, fer
    sure

    --
    ----------------------------------------------------
    Pat Welch, UBB Computer Services, a WCS Affiliate
    SCO Authorized Partner
    Microlite BackupEdge Certified Reseller
    Unix/Linux/Windows/Hardware Sales/Support
    (209) 745-1401 Cell: (209) 251-9120
    E-mail: patubb@inreach.com
    ----------------------------------------------------

+ Reply to Thread