On Mon, Dec 19, 2005 at 08:58:41PM +0000, [EMAIL PROTECTED] wrote: > I discovered the user "operator" in UNIX , found it in the > book "Essential System Administration" by AEleen Frisch, and it has > features that I would like to use. The book says (on page 131) that > this user exists on some BSD systems and it is used for back-ups > and such. It is like superuser ( root ) in that it can access any > file regardless of the permission bits, but it operates readonly, > it cannot modify unless the permission bits allow it to do so. > I checked /etc/passwd and found that operator is a user > (in FreeBSD 4.3 ). When I tried it out, I found some directories > that operator couldn't enter and checked a few of those directories > and found that they gave absolutely no access to 'other' users, > explaining why operator couldn't enter those directories. I feel > that this is an error since it doesn't allow operator to do its > stated task. Similarly, operator cannot access plain files > unless the permission bits allow it to do so. > Please implement this user as the book lists it, this will > give the FreeBSD community a useful capability. We could check > LINUX and see if they have have it properly implemented; if so > we could copy it making the necessary changes, an easier task.
The book or your understanding of it is incorrect. The operator user traditionally has unrestricted read access to the raw disks because it is in group operator. As such it can read any local data, but not via the file system. Since backups are traditionally performed via the dump command which directly accesses the disk, this allows backups to run as operator. > uname -a for my system gives: > FreeBSD 4.3-RELEASE FreeBSD 4.3-RELEASE #0: Sat Apr 21 10:54:49 GMT 2001 > [EMAIL PROTECTED]:/usr/src/sys/compile/GENERIC i386 This is a truly obsolete version of FreeBSD. If you must run the 4.x series, run 4.11. Better yet, run 6.0. -- Brooks -- Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4
pgpZEOODSow7E.pgp
Description: PGP signature
