Mar 26

Solaris Change File Ownership as non root Account

If you have a process running as non root or just need to enable a normal user to take ownership of files they don't own this is what you need to do.

My first attempt was changing a file that was owned by root. That is not what I needed but as shown here that requires a privilege called "ALL".

 
$ ppriv -De chown ebs_a /tmp/file1.txt
chown[999]: missing privilege "ALL" (euid = 304, syscall = 16) needed at tmp_setattr+0x60
chown: /tmp/file1.txt: Not owner

This attempt is to change a file owned by nobody and that is what my process will be requiring.

$ ppriv -De chown ebs_a /tmp/file1.txt
chown[1034]: missing privilege "file_chown" (euid = 304, syscall = 16) needed at tmp_setattr+0x60
chown: /tmp/file1.txt: Not owner

So as shown above we needed file_chown. I am adding that privilege as below. You will note I have some other permissions already added for different requirements.

# grep ^ebs_a  /etc/user_attr
ebs_a::::type=normal;defaultpriv=basic,sys_mount,sys_nfs,net_privaddr,file_chown;auths=solaris.smf.manage.xvfb,solaris.smf.value.xvfb

Ok now we try again and it worked.

# su - ebs_a
[..]
$ ppriv -De chown ebs_a /tmp/file1.txt

$ ls -l /tmp/file1.txt
-rw-r--r--   1 ebs_a root           0 Mar 25 06:24 /tmp/file1.txt

And of course you don't need to use ppriv now just simply chown and it should work.

Comments Off on Solaris Change File Ownership as non root Account
comments

Reply