SUMMARY su - user

From: James Wendling (jbwendl@mtb.phil.mop.com)
Date: Thu Nov 06 1997 - 07:26:40 CST


As a follow up to this summary, I came accross the real reason that the
permissions are wrong while looking for something else, so I thought I would
summarize here.

In Solaris there is a new feature(?) in a file called /etc/logindevperm which
is similar to the SunOS file /etc/fbtab. There are man pages for each on its
respective system. In esscence what changed is a security item. In SunOS
by default all the device entries were commented out in the file which allowed
windows to start up because the default was full permissions. However, in
Solaris the lines in the file are uncommented and have permission 600 which
only gives the user who logged in on the console permission to start windows.

I first tried just commenting the lines in /etc/logindevperm, but the default
mode is also 600 so that didn't work. Next, I changed the mode of the devices
to 666 in the /etc/logindevperm file, (I also had to add the line: /dev/console
0666 /dev/console, which misteriously isn't there), and then everything worked
as it did in SunOS.
----------------

----- Begin Included Message -----

>From root@mtbphil Tue Oct 28 17:26:40 1997
X-Originating-Ip: [134.217.11.63]
From: "Boujzhouri Hakimbaba" <srebro1@hotmail.com>
To: sun-managers@ra.mcs.anl.gov
Subject: SUMMARY su - user
Date: Tue, 28 Oct 1997 11:55:33 PST

hello,

This is to summarize the answer to my question which I posted yesterday.
Special thanks to James Wendling who provided the following answer.
Thanks also to Kris Briscoe who was first to respond. I put the
question after Wendling's correct answer which worked %100 for me.
---------------------------------------------------------------------
 The thing I found was that in Solaris several
>devices get set to be owned by the user who logs in on the console and
the
>mode is 600. I found that if I su'd to root and changed the mode to
666, then
>su'd to the new account, everything worked.
  The devices are below so you could create a little
>script to do it for you as root:

 
>/devices/pseudo/cn@0:console
>/devices/pseudo/conskbd@0:kbd
>/devices/pseudo/consms@0:mouse
>/devices/sbus@1,f8000000/cgsix@3,0:cgsix0 (this may be different
depending on
> your graphics card)
>
>The following two I didn't change the mode of but they most likely need
to be
>if you want sound:
>
>/devices/audio@1,f7201000:sound,audio
>/devices/audio@1,f7201000:sound,audioctl
>---------------------------------------------------------------------
>> I am an admin. running a network once dedicated to SunOS 4.1, but now
in
>> the process of upgrading to Solaris 2.5. One of the features I
enjoyed
>> in SunOS was the ability to login on any terminal on the network and
>> Control-c before going into OpenWindows, perform a su to become root,
>> and then as root issue another su - xxx ( where xxx represents any
user
>> on the network ) and enter OpenWindows as xxx where all of that
user's
>> personalized environment settings, icons, and colors would appear.
But,
>> it hasn't worked for me on Solaris 2.5.
>>
>> Is there some variable in a system file that I need to tweak?

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com

----- End Included Message -----



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:08 CDT