From: bill.thompson@goodyear.com
Date: Thu Sep 05 2002 - 13:13:14 EDT
Bill,
Unfortunately there is no accurate way to report what a user's umask is,
only what is "should" be because it's too easy for a user to change the
umask. They could be manually entering the command or manually sourcing a
file which sets the umask.
Logging in as the user and issuing the umask command is probably best way
to see what the umask should be.
Most flavors of UNIX no longer allow suid scripts, only binaries which is
why your script is failing. Take a look at sudo. It will allow you to run a
script as root. It's a great tool for parsing out limited root access.
(Embedded Bill Thompson
image moved The Goodyear Tire & Rubber Company
to file: Contains Confidential and/or Proprietary Information.
pic28350.jpg) May Not Be Copied or Disseminated Without Express Consent of
The Goodyear Tire & Rubber Company.
"Butcher, William
(Bill.Butcher)" To: "'hpux-admin@dutchworks.nl'" <hpux-admin@dutchworks.nl>
<Bill.Butcher@ChevronT cc:
exaco.com> Subject: [HPADM] Umask Reporting
Sent by:
hpux-admin-owner@Dutch
Works.nl
09/05/2002 12:07 PM
HPUX Gurus,
I'm developing a series of csh scripts which periodically report
security-related information to system analysts. I'm running into a
problem when attempting to report the 'umask' settings for each user
defined in the /etc/passwd file.
Is there a simple method of determining what the 'umask' setting is for
each defined user? One method that I know of is to 'su' to that user's
account and issue the 'umask' command. Another is to search through the
home directory of each user and search the .profile file for a particular
'umask' setting. Neither method is very elegant.
The prototype that I have running today is run as 'root' and loops through
the /etc/passwd file, using the 'su' command and issuing the 'umask'
command for each user. The script doesn't work when not run from 'root',
even though I set the SUID bit on the script and change to 'root'
ownership.
I'd rather not have the script run from a 'root' user account, so what's
the best way of determining and reporting the 'umask' settings for all
defined users?
I'm running HPUX v10.20 on K-series servers and J-series workstations.
Thank you in advance for your ideas,
- Bill
William H. Butcher III
ChevronTexaco Pipeline Company
2811 Hayes Road, Suite 3313F
Houston, Texas 77082
Office: (281)596-2847, Cellular: (281)543-9651
E-mail: bill.butcher@chevrontexaco.com
--
---> Please post QUESTIONS and SUMMARIES only!! <---
To subscribe/unsubscribe to this list, contact majordomo@dutchworks.nl
Name: hpux-admin@dutchworks.nl Owner: owner-hpux-admin@dutchworks.nl
Archives: ftp.dutchworks.nl:/pub/digests/hpux-admin (FTP, browse only)
http://www.dutchworks.nl/htbin/hpsysadmin (Web, browse & search)
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 11:02:19 EDT