Thanks to the following people who replied to my query about setuid user accounts: Johan Hartzenberg Reginald Beavers Andrew Sit Greg Marsh Thomas Steudten Julie Peers Deborah Santomauro Galen Johnson Gurcan Erim Shriman Gurung Marco Breedeveld I seemed to cause some confusion about what I was actually asking, for which I apologise. A number of people thought I was asking about setting the setuid bit for a file or directory. What I actually wanted to know was whether it's possible to set the 'No password --- setuid only' option for a user account from the command line, as you can from AdminTool et al. The consensus seems to be no, or at least, not directly which is strange since you seem to be able to do it for the other three password options which AdminTool provides ('Account is cleared until next login', 'Account is locked', 'Normal password'). Suggestions included the following: [] set the shell to /bin/false to prevent logins to this account [] use passwd -l <username> to lock the account [] setfacl -m user:user1:rwx,user:user2:r-x filename [] change the password field in /etc/shadow to 'NP' ** [] make the uid 0 and/or 14 depending on what the account is for [] use useradd ** This is what I am trying to achieve but without having to do it manually. I've solved the problem by implementing the following commands in a shell script. It works but it's a bit messy so if anyone has a cleaner solution, please let me know! cat /etc/shadow | sed 's/^<username>:\*LK\*:/<username>:NP:/' > /tmp/tmpfile.$$ mv /tmp/tmpfile.$$ /etc/shadow This works since I can guarantee (in this instance) that the account will have the *LK* flag set beforehand. Thanks again for everyone's help, Regards, Chris My original questions was: Hello gurus, This is probably a very simple question but I've been unable to find the appropriate information anywhere else. Is it possible to make a user account setuid only from the command line, without using AdminTool, AdminSuite or any other such application? Any help appreciated! I will summarise. Thanks! Chris ---------------------------------- Chris Young EDS Defence Ltd. Tel. : +44 (0)1256 742235 Fax. : +44 (0)1256 742727 E-mail: chris.young@edl.uk.eds.com _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Tue Nov 12 11:11:08 2002
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:57 EST