I accidentally removed the netstat command !
 

I accidentally removed the netstat command from /usr/bin on solaris 8.

From another sol 8 system I transfered the netstat executable back to /usr/bin.

However, when I do :

ls -al

on the machine containing the good netstat i get following result :
-r-xr-sr-x 1 root sys 55180 Jan 6 2004 netstat

I noticed 2 things :
==================
first the strange execeutableflag = s (probably stand for sys)

second the ownership sys in root sys

Now, on the system where I would like to restore the netstat bin, what commands shoudl i type to make executableflags and the ownerships match exaclty the same ?

can I simply use 'chown root:sys netstat' ?
but what about the execflags ?
I know r-x means 5 but how is r-sr represented ?

would it harm the system if I simply do
chmod 777 netstat
chown root:root netstat ?

chmod <edit>2555</edit> netstat

BTW, that bit is called the "set group ID on execution" bit. What that means is no matter who executes that file and what group they live in (providing they have permissions to execute of course) it gets executed with a gid of the owning group. Typically when you execute a file it gets executed with the gid of your users main group.

I don't think you've actually removed netstat, but a link to the executable. Try running:

find / -name netstat

Once found, make a link of it to your /usr/bin, like this:

ln -s /<whereever netstat is> /usr/bin/netstat

Permission 777 is a bad idea, because that gives full read. write and execute permissions for any user on the system. Usually, users should be able to read and execute, but not write to this kind of files (exactly to avoid deletion or modification).

In Unix, those 777 are actually octal numbers (base 2). as an example, let's suppose we have a file called "test" on your /export/home/markraem. Typing ls -l would say something like this (I'm not on Solaris right now, so I can't test this):

ls -l test
-rwxr-xr-x

Let's brake it into pieces. The first character, the dash (-) tells that this file, is actually a file. If it was a directory, it should be a "d" instead. The next three characters are permissions set to the owner (rwx), where r=read, w=write and x=execute. As I said, those numbers has a base two, so:

4 2 1
r w x

4 + 2 +1 = 7. That grants full read, write and execute permissions to the owner. Let's take the next three bits and analize them. The next three characters are values set for the group (r-x), where r=read, x=execute. With base 2, we have:

4 2 1
r - x

That would be 4 + 0 + 1 = 5. 5 grants read and execute permissions. To be able to execute a file, users must also be able to read them. The next three bits are permissions set to all other users. Since others, in this case, has the same symbolic permissions as the group, it's also 5. So this file has a permission of 755. 655 is a pretty common setting for a file. Directories are a bit different though, but still follow the same rules.

In Solaris, some files are read only (r--r--r--), as example, we have the file /etc/passwd, which stores information for every user, including their preferred shell and default home directories. Since the root is the owner of that file, he is the only one capable of changing it's permission, in the case he needs to modify that file (say, remove an user password or change the default shell). Thus, a r--r--r-- file has a permission of 444.

You can also use symbolic values instead of octal in Unix. For example, chmod +x file would make a file, an executable file.

Sorry for the lecture, I got a little carried on :). Well, try finding the netstat path and link to your /usr/bin

Regards!

Megaman forgot about the first byte....

The 2 in my reply means "set group id on execution". There is also a "set user id on execution" (4) and a "sticky bit" (1).

4 2 1
S S T

For more information man chmod.

Oh ya.. I'm an idiot:) I ment to say, chmod 2555 netstat is what you want:)

Nice post jtshaw. I did not know that ;)

Jtshaw :

thanks for your reply :



After download of netstat I typed :

chmod 2555 netstat

and

chown root:sys netstat.

rebooted the machie.

This works great