Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!thunder.mcrcim.mcgill.edu!panisset From: panisset@thunder.mcrcim.mcgill.edu (Jean-Francois Panisset ) Newsgroups: comp.sys.apollo Subject: Problem with setuid shell scripts under Aegis Summary: scripts won't setuid! Message-ID: <1991Apr26.220353.22998@thunder.mcrcim.mcgill.edu> Date: 26 Apr 91 22:03:53 GMT Organization: McGill Research Centre for Intelligent Machines Lines: 58 Here is a question from an Aegis novice: I am trying to create scripts which are to run setuid to root, and things are not working (we are running Domain 10.2, btw). Here is what I am trying to do: 1. Create a directory called lock_dir 2. remove any rights to others except root. The resulting ACL is: Acl for lock_dir: Required entries: root.%.% prwx- %.psram.% ----- %.%.inc [ingnored] %.%.% ----- Extended entry rights mask: ----- 3. Create a script called root_script containing the following line: edacl lock_dir -a yourself prwx 4. Make root the owner of the script (if it is not already): edacl root_script -prwx 5. Set the setuid bit on for root_script: edacl root_script -setuid on 6. By now, the ACL for root_script should look like: Acl for lock_dir: Required entries: root.%.% prwx- set person %.psram.% prwx- %.%.inc [ingnored] %.%.% prwx- Extended entry rights mask: ----- 7. Now, go back to yourself and try: % root_script Error: no rights to change acl - "lock_dir" So what is the problem? It seems that my setuid script does not run as root? Am I missing something here, or am I making a UNIX-like assumption about Aegis? Thanks in advance to all you Aegis gurus out there... JF Panisset -- Jean-Francois Panisset INET: panisset@mcrcim.mcgill.ca panisset@larry.mcrcim.mcgill.edu UUCP: ...!mcgill-vision!panisset