Date: Thu, 18 Mar 1999 16:56:05 +0100 (CET) From: Zahemszky Gabor <zgabor@CoDe.hu> To: freebsd-security@freebsd.org Subject: Re: disk quota overriding Message-ID: <199903181556.QAA00446@CoDe.hu> In-Reply-To: <Pine.BSF.4.05.9903171655510.13967-100000@nathan.enteract.com> from David Scheidt at "Mar 17, 99 05:01:00 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> On Wed, 17 Mar 1999, Jon Hamilton wrote:
>
> :Under HP-UX 9.x, the behavior you describe was the default, and it
> :was changable by altering a kernel config parameter and relinking the
> :kernel. The same tunable is available under 10.x, but I'm less certain
> :what the default behavior is there. Whether quotas are enabled or not
> :does not affect the behavior, only the kernel tunable parameter.
>
> This is still the default in 10.20. At least, all of the machines around here
> are that way. It has some uses on test and lab type machines, as it makes
> some tasks not have to involve root. As default behavior for a production
> machine, it is damn silly.
Hrrr!
RTFM!
on any HP-UX system, you have to type ``man setprivgrp'', and read ahead
about the priviledges. Eg. there is one (I think the name is CHOWN ;-), which
allow or deny a normal user (groups of user) to use the chown syscall
(a'la SYSV vs. BSD). In all of my HP-sysadmin trainings, I say that at
the time of quotas.
Bye,
ZGabor at CoDe dot HU
PS: if I know well, there isn't any kernel parameter you have to change.
(Well, I'd like to ask you to write me the name of it, as I don't know about
it.) By the way you are right, the setprivgrp command isn't documented in HP's
UNIX course docs (only in the HP-UX security), only in the manual. I know,
I teach it.
PS2: go away from fbsd-sec with this off-topic thread about HP-UX. There are
more Unices, which has chown with AT&T semantics. Well, not so many with
quotas (and FFS), as HP.
--
#!/bin/ksh
Z='21N16I25C25E30, 40M30E33E25T15U!' ;IFS=' ABCDEFGHIJKLMNOPQRSTUVWXYZ ';set $Z ;for i { [[ $i = ? ]]&&print $i&&break;[[ $i = ??? ]]&&j=$i&&i=${i%?};typeset -i40 i=8#$i;print -n ${i#???};[[ "$j" = ??? ]]&&print -n "${j#??} "&&j=;typeset +i i;};IFS=' 0123456789 ';set $Z;X=;for i { [[ $i = , ]]&&i=2;[[ $i = ?? ]]||typeset -l i;X="$X $i";typeset +l i;};print "$X"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199903181556.QAA00446>