LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 06-06-2004, 09:29 AM   #1
nsX
LQ Newbie
 
Registered: Nov 2003
Location: Germany
Posts: 16

Rep: Reputation: 0
/bin/login with root privileges?


Hello!

What I need to realize...

Whenever a user logs in via SSH, I need to execute a script with root privileges. I want to create some files (filled with real time infos) in user's home directory and chown' them to root that the user can't delete them. Setting the default shell is not enough because this shell will be executed by /bin/login with privileges of the loging in user.

Authentication is done via LDAP (back-mysql).
Distibution is RedHat 9.

Any ideas?

Thx alot!


-EN
 
Old 06-06-2004, 11:23 AM   #2
nsX
LQ Newbie
 
Registered: Nov 2003
Location: Germany
Posts: 16

Original Poster
Rep: Reputation: 0
Hi there...

seems my needs stay unsatisfied. I hecked trough the sources of /bin/login. It completely drops root privs before executing users initial shell. Maybe I will change this...


-EN
 
Old 06-06-2004, 03:59 PM   #3
SciYro
Senior Member
 
Registered: Oct 2003
Location: hopefully not here
Distribution: Gentoo
Posts: 2,038

Rep: Reputation: 51
if you don't mind dragging your computer thru the world of more security

http://www.rsbac.org i think can satisfy what you want
 
Old 06-06-2004, 04:41 PM   #4
nsX
LQ Newbie
 
Registered: Nov 2003
Location: Germany
Posts: 16

Original Poster
Rep: Reputation: 0
Thank you for your reply.

That's the problem... I need high security

This will be a public web server hosting more than 200 domains. I want to generate domain stats in user's home dir when they login (more real time than cron). Maybe, you can help me with another problem

I use pam_mysql.so (no more ldap ) to authenticate our customers. Now, when /bin/login calls my bash script to generate the stats, this script needs to connect to the mysql database. Means, I need to write the password in plain text into this script. The disadvantage is, that this script must have at least 0755 root:root to be executed by /bin/login. means, customers could 'less /usr/local/bin...' and see my password.

Can I handle this with s-bit set? Other solutions?

Thx!


-EN

Last edited by nsX; 06-06-2004 at 04:44 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
USB HD Needs Root Privileges rrrssssss Linux - Hardware 3 11-13-2005 04:08 PM
Root privileges for user ar1 Linux - Security 2 01-07-2005 09:33 PM
User with root privileges ShakyJake Linux - Newbie 2 06-18-2004 12:12 PM
root privileges and permissions evil_lafta Slackware 7 08-20-2003 09:37 PM
Xine and root privileges markus1982 Linux - Software 1 08-18-2003 03:23 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 10:32 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration