From owner-freebsd-questions@freebsd.org  Fri Feb 19 14:53:04 2016
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2E230AAD410
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Fri, 19 Feb 2016 14:53:04 +0000 (UTC)
 (envelope-from freebsd@qeng-ho.org)
Received: from bede.qeng-ho.org (bede.qeng-ho.org [217.155.128.241])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "fileserver.home.qeng-ho.org",
 Issuer "fileserver.home.qeng-ho.org" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id C9D211A9E
 for <freebsd-questions@freebsd.org>; Fri, 19 Feb 2016 14:53:03 +0000 (UTC)
 (envelope-from freebsd@qeng-ho.org)
Received: from arthur.home.qeng-ho.org (arthur.home.qeng-ho.org [172.23.1.2])
 by bede.home.qeng-ho.org (8.15.2/8.15.2) with ESMTP id
 u1JEqrdj069639; Fri, 19 Feb 2016 14:52:54 GMT
 (envelope-from freebsd@qeng-ho.org)
Subject: Re: minimize use of root account
To: Polytropon <freebsd@edvax.de>, Yudi V <yudi.tux@gmail.com>
References: <CACo--mv9qU2ZwtTuZRQBpioEr+enT=sd-SJ79BFumZt5aL18jg@mail.gmail.com>
 <20160219120503.fc97ef10.freebsd@edvax.de>
Cc: freebsd-questions@freebsd.org
From: Arthur Chance <freebsd@qeng-ho.org>
Message-ID: <56C72C45.2050606@qeng-ho.org>
Date: Fri, 19 Feb 2016 14:52:53 +0000
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101
 Thunderbird/38.5.0
MIME-Version: 1.0
In-Reply-To: <20160219120503.fc97ef10.freebsd@edvax.de>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Feb 2016 14:53:04 -0000

On 19/02/2016 11:05, Polytropon wrote:
> On Fri, 19 Feb 2016 16:29:43 +1100, Yudi V wrote:
>> Hi all,
>>
>> currently I use the below script to load geli devices and import zpool. It
>> needs to be run as root.
>> how to run this script as normal user, is there a group that the user needs
>> to be part of?
>
> No, not for this task.
>
> There are different ways to do it.
>
> 1. You can set the script itself to "run as root" (chmod +s) when
>     the script is owned by root:root. Regular users may then execute it.

I thought suid scripts were disabled years ago because they were a major 
security loophole?

-- 
Moore's Law of Mad Science: Every eighteen months, the minimum IQ
necessary to destroy the world drops by one point.