From owner-freebsd-questions@FreeBSD.ORG  Thu Feb 12 12:41:48 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 76D0516A4CE
	for <freebsd-questions@freebsd.org>;
	Thu, 12 Feb 2004 12:41:48 -0800 (PST)
Received: from clunix.cl.msu.edu (clunix.cl.msu.edu [35.9.2.10])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1DB7443D1F
	for <freebsd-questions@freebsd.org>;
	Thu, 12 Feb 2004 12:41:48 -0800 (PST)
	(envelope-from jerrymc@clunix.cl.msu.edu)
Received: (from jerrymc@localhost)
	by clunix.cl.msu.edu (8.11.7p1+Sun/8.11.7) id i1CKc1U18692;
	Thu, 12 Feb 2004 15:38:01 -0500 (EST)
From: Jerry McAllister <jerrymc@clunix.cl.msu.edu>
Message-Id: <200402122038.i1CKc1U18692@clunix.cl.msu.edu>
To: zzerver@hotmail.com (ZZerver ZZserver)
Date: Thu, 12 Feb 2004 15:38:01 -0500 (EST)
In-Reply-To: <BAY2-F67x4xVGGJQeCH0000e893@hotmail.com> from "ZZerver ZZserver"
	at Feb 12, 2004 08:29:24 PM
X-Mailer: ELM [version 2.5 PL2]
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
cc: freebsd-questions@freebsd.org
Subject: Re: root access to a custom .sh defined as shell;
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Feb 2004 20:41:48 -0000

> 
> Am running a free server of shells in freeBSD 4.9, the amount of
> >people solicitading new accounts has been too much that i can not
> >handle them by me, so i wrote this .sh program to do it for me, my
> >code its secure as much i can tell, i understand the risk involve and
> >decide to do it anyways, soo i create a new group call 'shellauto',
> >add new user 'newuser' promote to 'wheel', then i modify etc/shells to
> >accept my new shell, so when some body logs to my server as 'newuser'
> >the server run my .sh (freeshell.sh), everything works goodl but my
> >question is ...how can i give my script root previlages ? so can
> >addusers without me? also if there is a way to type a command directly
> >to shell (bash) so i can define quotas of 1mb, and background procees
> >to 3?? that way i can include those commands to my freeshell.sh
> >...thanks

You are not supposed to be able to make a shell script have SUID root
ability.    So, you either need to write a wrapper in C that calls
it or just rewrite the whole thing in C.

////jerry