Yes, but sudo will still run orion with UID 0. This will not improve security. Then
you might as well make a group called 'orion', and put all the users that need access
to orion into this group. Change the dir/file perms so that it is read/writable for
these users.
If you try to get orion to run non-root because of security, follow the example on
orionsupport.
--nils
Scott M. Stirling([EMAIL PROTECTED])@Sun, Jan 07, 2001 at 01:49:15PM -0500:
> I think there is a better solution than using ipchains (which I'm not
> sure is supported anywhere but on Linux, and is bound to incurr some
> overhead, though I'm not sure if it would be significant), or at least
> an alternative.
>
> Install sudo if you haven't already. You have to configure sudo with
> the names/groups of users and their permissions. What sudo does is
> allow non-root users to execute super user commands and temporarily
> attain super user privileges for the purpose of executing commands. You
> can have users enter a password to use sudo, or you can configure sudo
> to allow users/groups to use it without a password. In any case, make
> sure the actual root password and the sudo password are different, that
> way no one needs to know the root password except root. To use sudo,
> once installed, you just prefix sudo to any command in order to use it:
>
> sudo reboot
> sudo java -jar orion.jar
> etc.
>
> http://www.courtesan.com/sudo/
>
>
> On 07 Jan 2001 16:54:01 +0800, Heng Chee, Lee - SG wrote:
> > Hi,
> > I used to run orion on NT machine and now I have to deploy it on a Sun Sparc
> > Solaris machine.
> > Honestly, my knowledge on unix system admin is very limited.
> > Ok, now I have this problem:
> > I have untar the orion archieve to a folder called orion, this folder and
> > all the files and subfolders under it are belongs to a user name 'orion',
> > the group access permission for this folder (and all it's files) are also
> > called 'orion'. When I log in to unix as user 'orion' and try to start up
> > the app server by typing java -jar orion.jar, I get a message "Error
> > starting HTTP-Server : Permission denied". I can only startup orion if I
> > log in as root user. This is not acceptable because I can't let everyone to
> > have root access just for starting up the orion server.(Our project still in
> > the development phase so we need to start and stop the server quite often)
> >
> > I am puzzle with this error because I have already set the owner of all the
> > files under orion folder to be 'orion', and orion app server is using it's
> > own http-server internally so it shouldn't has any permission problem.
> > I think that orion app server might try to access some of the unix system
> > file which must have root access, if this is the case can someone tell me
> > which file it it?
> > Or is there any alternative work around for this problem?
> >
> >
> >
> >
> >
> > Thanks and best regards
> > Lee
>
> --
> Scott Stirling
> West Newton, MA
>
