Path: utzoo!utgpu!jarvis.csri.toronto.edu!clyde.concordia.ca!uunet!aplcen!uakari.primate.wisc.edu!zaphod.mps.ohio-state.edu!mips!excelan!unix!hplabs!hp-ses!hpcuhb!hpcilzb!hpcea!hpldsla!djw
From: djw@hpldsla.HP.COM
Newsgroups: comp.sys.hp
Subject: Re: How can I give users root-like privs. w/o the passwd ?
Message-ID: <3140011@hpldsla.HP.COM>
Date: 21 Dec 89 19:46:44 GMT
References: <2643@umbc3.UMBC.EDU>
Lines: 77

> I've run into a bit of a snag, I'm sure other people have had to do
> this, so here it goes. I would like to give some specific users root-like
> privs. to execute some privileged commands.

As a general comment, you might like to look at the setprivgrp(1,2,3?) man
pages. I don't think they will work for you in this case, but it's nice to
be aware of the mechanism.

> ................................................I specifically want to
> give a user privilege to mount a fs, and to halt (shutdown) the system in the
> event of an emergency.

A technique I used to use as a sys-admin is as follows.

Create the command(s) you want the user to be able to use. Ensure that they
will do nothing more than what you wish to allow. Set up the command with the
set user id bit set (see chmod(1,2)), and file owner of root. This will mean
the command gets executed as root, not as the user who invoked it.

This should do the trick. BUT be careful that the command does only what you
want to allow.

An even better extension to this technique is for the command to check in
some (writeable by root *only*) file for a list of valid users or groups.
The 'special' command should ensure that the login user id (found in $LOGIN)
is one of the users listed. That allows you to control access to the command.

Here is a quick example that uses a shell script.

    #!/bin/sh
    #
    # sysstop.sh - shutdown the system.
    #
    PATH=/bin; export PATH    # VERY important.

    if grep "$LOGNAME" /usr/adm/shutdown.list > /dev/null 2>&1
    then
        cd /
        exec /etc/shutdown
    else
        echo "permission denied" >&2
        exit 2
    fi
    --------

Set up the command as follows:

    chown root sysstop
    chmod 4555 sysstop
    chown root /usr/adm/shutdown.list
    chmod -w /usr/adm/shutdown.list

By adding user names to the shutdown.list file, you add users allowed to run
the program.

Note that setting the PATH is super important in a shell script run as root.
If you don't do this, the user can place their 'special' grep command (the
one that adds a new root login to /etc/passwd) in the PATH before running
sysstop and use it to compromise security. Set the PATH up front or
explicitly call the command you wish to use (i.e., "/bin/grep" not "grep").
The latter can get a bit ugly in long scripts.

You can use the same technique for creating limited access root powerful
C programs also - in fact this is probably more common.

Hope that helps,

djw@hpldsla

#include
    it probably doesn't work
    nobody is going to support it
    use at your own risk
    I'm not working for HP at this moment
    I haven't had flu shots lately.
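
The allow-list check from the post beside a stricter form, as an added example that is not part of the original post: it compares the name to whole lines of the list, takes the caller's name from id(1) instead of the environment, and checks the list file's owner and mode. The function names, the /bin:/usr/bin search path and the sample user names are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the post): stricter checks for a privileged wrapper.
PATH=/bin:/usr/bin; export PATH    # fixed search path, as the post advises

# Real user name of the calling process, taken from id(1) rather than the
# LOGNAME environment variable, which the caller sets.
caller_name() { id -run; }

# The post's check: unanchored pattern match. A name that is only part of a
# listed entry is accepted, and an empty name matches every line.
loose_match() {     # loose_match NAME LISTFILE
    grep "$1" "$2" > /dev/null 2>&1
}

# Stricter check: non-empty name, fixed string, must equal a whole line.
strict_match() {    # strict_match NAME LISTFILE
    [ -n "$1" ] || return 1
    grep -F -x -q -e "$1" "$2" 2> /dev/null
}

# Reject a list that is not a regular file, is a symlink, is not owned by
# OWNER_UID (default 0), or is writable by group or other.
list_is_trusted() { # list_is_trusted LISTFILE [OWNER_UID]
    [ -f "$1" ] && [ ! -h "$1" ] || return 1
    _ls=$(ls -ln "$1") || return 1
    [ "$(echo "$_ls" | awk '{print $3}')" = "${2:-0}" ] || return 1
    case "$_ls" in
        ?????w*|????????w*) return 1 ;;   # group-write or other-write bit
    esac
    return 0
}

# Constructed sample run; a temp file stands in for /usr/adm/shutdown.list.
demo() {
    _list=$(mktemp) || return 1
    printf '%s\n' operator bobby > "$_list"
    for _n in operator bob ""; do
        loose_match "$_n" "$_list" && _l=allow || _l=deny
        strict_match "$_n" "$_list" && _s=allow || _s=deny
        echo "name='$_n' loose=$_l strict=$_s"
    done
    rm -f "$_list"
}
demo
```

A wrapper built this way would run list_is_trusted on the list and strict_match "$(caller_name)" against it before the exec of /etc/shutdown. Linux ignores the set-user-ID bit on scripts, so there the same checks belong in a small compiled wrapper of the kind the post mentions.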