Kyle
Possible idea would be to create the command and populate it into some
sort of temp file using your non-root user, then have a job in roots
cron that incorporates a sleep and an if statement in a loop looking
for these files, it runs once found and puts the output somewhere where
you non-root user can then pick up, whilst the non-root user's script is
waiting for the ouptput.
Seen it work, and it works well, and the waits seem seemlless.
Dave
-----Original Message-----
From: veritas-bu-bounces AT mailman.eng.auburn DOT edu
[mailto:veritas-bu-bounces AT mailman.eng.auburn DOT edu] On Behalf Of rob
worman
Sent: 28 August 2007 16:54
To: Kyle Oliver
Cc: veritas-bu AT mailman.eng.auburn DOT edu
Subject: Re: [Veritas-bu] bppllist as a non superuser
well, bppllist is just parsing the data that it finds in
/usr/openv/netbackup/db/class/*
so depending on the amount / nature of the data you're trying to
extract, you could "roll your own" with cross-platform setuid
scripting of some sort.
not something I'd recommend, but technically feasible and you did ask
for "creative". ;-)
HTH
rob
On 8/28/07, Kyle Oliver <k_f_o AT yahoo DOT com> wrote:
>
> My most focused post yet on the subject!
>
> I need to run bppllist as a non superuser for some reporting tools.
Ideally, without having to use a password either. For whatever reason,
this particular binary checks for UID 0 and if you are not UID 0, you
get "userid is not superuser (140)."
>
> I have tried authorized.txt (no effect), VXSS (password and
impossible to reliably setup), methods files [methods_allow.txt,
methods_deny.txt, methods.txt] (worked in small environment, caused
things to break in larger environments), sudo (password, no windows
solution), and RBAC (password, no windows solution).
>
> Any creative ideas here?
>
> Thanks,
> Kyle
>
>
>
> _______________________________________________
> Veritas-bu maillist - Veritas-bu AT mailman.eng.auburn DOT edu
> http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
>
_______________________________________________
Veritas-bu maillist - Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Notice to recipient:
The information in this internet e-mail and any attachments is confidential and
may be privileged. It is intended solely for the addressee. If you are not the
intended addressee please notify the sender immediately by telephone. If you
are not the intended recipient, any disclosure, copying, distribution or any
action taken or omitted to be taken in reliance on it, is prohibited and may be
unlawful.
When addressed to external clients any opinions or advice contained in this
internet e-mail are subject to the terms and conditions expressed in any
applicable governing terms of business or client engagement letter issued by
the pertinent Bank of America group entity.
If this email originates from the U.K. please note that Bank of America, N.A.,
London Branch and Banc of America Securities Limited are authorised and
regulated by the Financial Services Authority.
_______________________________________________
Veritas-bu maillist - Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
|