RE: Allowing users to execute shell scripts without seeing password
- From: Joseph Amalraj <joseph@xxxxxxxxxxxxxx>
- To: oracle-l@xxxxxxxxxxxxx
- Date: Fri, 17 Feb 2006 14:03:57 -0800 (PST)
I think this is plaform dependent.
On HP-UX i created a file under user "oracle" tmp.ksh
> cat tmp.ksh
#!/usr/bin/ksh
date
then ran
chmod 7711 tmp.ksh
> ls -l tmp.ksh
-rws--s--x 1 oracle dba 20 Feb 17 16:51 tmp.ksh
From another user I ran
$ /opt/oracle/tmp.ksh
Fri Feb 17 16:57:06 EST 2006
Saving the file using "vi" resets the mode setuid bit.
So it has to be set again
This doesn't work in AIX
Regards
Joseph
Ken Naim <kennaim@xxxxxxxxx> wrote:
I am probably not be reading enough into the question, but here are my 2
cents; just set permission to execute only with no read or write access.
Ken Naim
-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx]
On Behalf Of Radoulov, Dimitre
Sent: Friday, February 17, 2006 12:36 PM
To: oracle-l@xxxxxxxxxxxxx
Subject: Re: Allowing users to execute shell scripts without seeing password
Got error, trying to resend ...
> I've been trying to figure out a way that I can have my users allowed
> to login to the server (HP-UX) with their own account and run a shell
> script that's owned my me ...
> but I don't want them to be able to see the password.
> I had no luck just granting them execute on the shell script, they had
> to have read priviledges in order to execute it apparently.
> Any suggestions??
As suggested on comp.unix shell you can use shell script compiler.
You can try Francisco Javier Rosales García's shc:
Home page:
http://www.datsi.fi.upm.es/~frosal/
Download link:
http://www.datsi.fi.upm.es/~frosal/sources/shc-3.8.3.tgz
Regards,
Dimitre
--
//www.freelists.org/webpage/oracle-l
--
//www.freelists.org/webpage/oracle-l
Other related posts:
