From owner-freebsd-questions Sat Apr 8 20:16:50 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mail.alpha.net.au (mail2.alpha.net.au [203.41.44.8]) by hub.freebsd.org (Postfix) with ESMTP id 3962237B5DA for ; Sat, 8 Apr 2000 20:16:47 -0700 (PDT) (envelope-from dannyh@idx.com.au) Received: from freebsd.freebsd.org (surry-pool-162.alpha.net.au [203.41.44.162] (may be forged)) by mail.alpha.net.au (8.9.3/8.9.3) with SMTP id NAA09119; Sun, 9 Apr 2000 13:15:56 +1000 From: Danny To: cjclark@home.com, "Crist J. Clark" , cache manager Subject: Re: group rights Date: Mon, 10 Apr 2000 13:19:16 +1000 X-Mailer: KMail [version 1.0.21] Content-Type: text/plain Cc: freebsd-questions@FreeBSD.ORG References: <20000408155638.B14643@cc942873-a.ewndsr1.nj.home.com> MIME-Version: 1.0 Message-Id: <00041013204900.00326@freebsd.freebsd.org> Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Assuming all your users are like IT people and you want a group of people (like the IT guys in your building) to restart squid or restart apache you should install "sudo" http://www.courtesan.com/sudo/ or install sudo from the ports On Sun, 09 Apr 2000, Crist J. Clark wrote: > On Sat, Apr 08, 2000 at 02:38:02PM -0400, cache manager wrote: > > My problem is this : I want to allow a user to execute > > a file normally owned by root. I hope to have the user do all this from > > a shell batch file. > > I want them to be able to restart squid after they have changed a config > > file. I have created a group localadmins and added the user to the group > > localadmins I then chown :localadmins squid > > and now the group localadmins own squid. When I log on as this user and > > try to restart squid it fails I have fooled around with permissions even > > assigned 777 to squid with no luck. > > Any suggestions would be helpfull I have searched the archives and man > > group. What am I missing? > > A setuid bit? See 'man chmod' and look at '4000' in the MODES > section. > > You run root owned binaries all of the time, ls, more, rm, etc. Pretty > much all of the system binaries are root owned. This gives no special > permissions to the user executing them. > > I think the permissions and ownership you are looking for on your > squid start-up script are, > > # chown root:localadmins squid > # chmod 4750 squid > > -- > Crist J. Clark cjclark@home.com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message