Amir,
I believe it goes like this:
"chmod 6755 cmd.sh" will set the user and group IDs on execution, and the
file can be executed by anyone.
"chmod 6750 cmd.sh" will set the user and group ID on execution, and the
file can be executed by other members of the group that cmd.sh belongs to.
I'm more used to using the numeric or absolute mode when specifying file
permissions than the symbolic one. Sorry about that. I think the
equivalent commands using the symbolic mode to specify the permissions are
as follows (someone please correct me if I'm wrong):
First, run either "chmod a+rx cmd.sh" (this allows "all" to execute cmd.sh)
OR "chmod ug+rx cmd.sh" (this allows the owner and members of the same
group to execute cmd.sh)
Then "chmod ug+s cmd.sh" (this sets the user and group ID on execution).
The thing is that "chmod ug+s" does not specify what execution rights you
want granted to "others". So you have to be sure that you have taken care
of that too. You can use "chmod o-x" to remove others.
Steve
"Amir Sadeghi"
<amir_sadeghi@ho To: [EMAIL PROTECTED]
tmail.com> cc:
Sent by: Subject: RE: [DB2EUG] Allowing a
tester to backup/restore
owner-db2eug@lug
wash.org
04/01/2002 10:57
PM
Please respond
to "Amir
Sadeghi"
Ellen,
My question is: if I want to give user 'somebody' execution on file called
'cmd.sh', how do I do it?
>From: "Reys, Ellen" <[EMAIL PROTECTED]>
>To: "'Amir Sadeghi'" <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>Subject: RE: [DB2EUG] Allowing a tester to backup/restore
>Date: Mon, 1 Apr 2002 16:59:15 -0800
>
>Amir,
>
>The syntax "ug+s" can be interpreted as following:
>
>u (file owner) and g (group) "+" - to add permission "s", which means:
>
>Set-user-ID-on-execution permission if the u flag is specified or implied.
>Set-group-ID-on-execution permission if the g flag is specified or
implied.
>
>Cheers,
>
>Ellen Reys
>Data Management Services
>Inovant - a Visa Solutions Company
>[EMAIL PROTECTED]/650-432-1746 m/s: 3125-1D
>
>
>
>-----Original Message-----
>From: Amir Sadeghi [mailto:[EMAIL PROTECTED]]
>Sent: Monday, April 01, 2002 4:29 PM
>To: [EMAIL PROTECTED]
>Subject: Re: [DB2EUG] Allowing a tester to backup/restore
>
>
>Steve,
>
>The first option sounds like exactly what I'd like to do. However, reading
>the man pages on chmod, I'm confused on the syntax. The manpages says that
>the syntax is:
>
>chmod ug+s cmd (where cmd is the executable)
>
>What I don't get is where I specify the userid that can run this
>executable.
>
> Do you know of an example?
>
>Thanks for your help and I really appreciate your input.
>
>
>
>
> >From: [EMAIL PROTECTED]
> >To: "Amir Sadeghi" <[EMAIL PROTECTED]>
> >CC: [EMAIL PROTECTED], [EMAIL PROTECTED]
> >Subject: Re: [DB2EUG] Allowing a tester to backup/restore
> >Date: Mon, 1 Apr 2002 14:29:43 -0600
> >
> >
> >Amir,
> >
> >Here are a couple of other approaches you might consider that do not
> >involve giving DBA authority to end users.
> >
> >One approach would be to set up something using the UNIX "set user ID"
>bit.
> >Using this, you could create a program or shell script that would
perform
> >the backup or restore. The set user ID feature lets the program execute
> >under the User ID of the person owning the program, not the one
executing
> >it. (See the man page for "chmod.")
> >
> >Another approach would be to set up some kind of queuing mechanism that
> >would allow users to submit the names of tables that they want backed up
>or
> >restored. This might be as simple as having a file that users could
>edit,
> >where they could add the schema and name of the table and the action to
>be
> >taken (i.e., backup or restore). Or you could have a DB2 table where
>they
> >could insert a row having that same information. Then you could write a
> >program or shell script that would read the file or table, take the
> >appropriate action, then clear out the queue.
> >
> >Steve Westfall
> >Equifax, Inc.
> >
>
>
>
>
>Amir
>
>
>_________________________________________________________________
>Chat with friends online, try MSN Messenger: http://messenger.msn.com
>
>-
>::: When replying to the list, please use 'Reply-All' and make sure
>::: a copy goes to the list ([EMAIL PROTECTED]).
>*** To unsubscribe, send 'unsubscribe' to [EMAIL PROTECTED]
>*** For more information, check http://www.db2eug.uni.cc
Amir
_________________________________________________________________
Join the world's largest e-mail service with MSN Hotmail.
http://www.hotmail.com
-
::: When replying to the list, please use 'Reply-All' and make sure
::: a copy goes to the list ([EMAIL PROTECTED]).
*** To unsubscribe, send 'unsubscribe' to [EMAIL PROTECTED]
*** For more information, check http://www.db2eug.uni.cc
-
::: When replying to the list, please use 'Reply-All' and make sure
::: a copy goes to the list ([EMAIL PROTECTED]).
*** To unsubscribe, send 'unsubscribe' to [EMAIL PROTECTED]
*** For more information, check http://www.db2eug.uni.cc
