LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)
-   -   /bin/login with root privileges? (https://www.linuxquestions.org/questions/linux-general-1/bin-login-with-root-privileges-190313/)

nsX 06-06-2004 09:29 AM

/bin/login with root privileges?
 
Hello!

What I need to realize...

Whenever a user logs in via SSH, I need to execute a script with root privileges. I want to create some files (filled with real time infos) in user's home directory and chown' them to root that the user can't delete them. Setting the default shell is not enough because this shell will be executed by /bin/login with privileges of the loging in user.

Authentication is done via LDAP (back-mysql).
Distibution is RedHat 9.

Any ideas?

Thx alot!


-EN

nsX 06-06-2004 11:23 AM

Hi there...

seems my needs stay unsatisfied. I hecked trough the sources of /bin/login. It completely drops root privs before executing users initial shell. Maybe I will change this...


-EN

SciYro 06-06-2004 03:59 PM

if you don't mind dragging your computer thru the world of more security

http://www.rsbac.org i think can satisfy what you want

nsX 06-06-2004 04:41 PM

Thank you for your reply.

That's the problem... I need high security ;)

This will be a public web server hosting more than 200 domains. I want to generate domain stats in user's home dir when they login (more real time than cron). Maybe, you can help me with another problem ;)

I use pam_mysql.so (no more ldap :tisk: ) to authenticate our customers. Now, when /bin/login calls my bash script to generate the stats, this script needs to connect to the mysql database. Means, I need to write the password in plain text into this script. The disadvantage is, that this script must have at least 0755 root:root to be executed by /bin/login. means, customers could 'less /usr/local/bin...' and see my password.

Can I handle this with s-bit set? Other solutions?

Thx!


-EN


All times are GMT -5. The time now is 01:04 PM.