From owner-freebsd-questions Wed May 1 22:19:46 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id WAA16823 for questions-outgoing; Wed, 1 May 1996 22:19:46 -0700 (PDT) Received: from mercury.interpath.com (babbleon@mercury.interpath.com [199.72.1.1]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id WAA16803 for ; Wed, 1 May 1996 22:19:42 -0700 (PDT) Received: (from babbleon@localhost) by mercury.interpath.com (8.6.12/8.6.9) id BAA12169 for freebsd-questions@freebsd.org; Thu, 2 May 1996 01:19:35 -0400 From: "Brian T. Schellenberger - Personal Account" Message-Id: <199605020519.BAA12169@mercury.interpath.com> Subject: Groups ; Setuid To: freebsd-questions@freebsd.org (FreeBSD Questions) Date: Thu, 2 May 1996 01:19:34 -0400 (EDT) X-Mailer: ELM [version 2.4 PL23] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Ok, I first used BSD way back in 1981, but I've been wandering in the land of the lost (sys5-ish systems) for many years now, and I don't quite "get it" about permissions and BSD, so . . . 1. I want to be able to su to root from my ID, but did not originally give myself root perms. When I tried to edit (via vipw) the password file to just change my group, it didn't seem to "take" somehow, so I switched it back. If I understand the theory, though, I should be able to be in multiple groups. How? It doesn't seem to be in the handbook or the FAQ, and my perusal of man pages hasn't show anything. I admit I'm not on speaking terms with info yet, but I don't think that FreeBSD favors it anyway. 2. I want to be able to setuid a "script" to root and have it jolly well do whatever I can do logged in as root. In particlar, I want to have scripts to slattach and associated "stuff" to various places and I want to allow non-root folks to do so. I can make some stuff work with suidperl, but even then it barfs if I try to invoke an extermal command that's a shell. Sure, it's a security risk, but this is a home system; it just doesn't need to be *that* secure. Or is there a better way to do this sort of thing? -- Brian T. Schellenberger, the Man from Babble-On. "Someday I'll get around to importing all the cool quotes from my other account's .sig files." http://mercury.interpath.com/~babbleon