Return to BSD News archive
Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!msuinfo!agate!howland.reston.ans.net!cs.utexas.edu!uunet!ihz.compuserve.com!csi.compuserve.com!not-for-mail From: dneedham@csi.compuserve.com (Douglas Wade Needham) Newsgroups: comp.unix.bsd Subject: Re: newgrp help Date: 26 Apr 1994 10:54:14 -0400 Organization: CompuServe Incorporated Lines: 50 Message-ID: <2pj9um$507@dneedham.inhouse.compuserve.com> References: <1994Apr21.215959.6969@hns.com> NNTP-Posting-Host: dneedham.inhouse.compuserve.com In article <1994Apr21.215959.6969@hns.com> elufker@hns.com (Ed Lufker) writes: >Hi All: > > I am having a problem with the newgrp command in the below script. It >seems that when running this script it stops at line 2. The files in /testdir >cannot be seen by any other gid only opseng. Does anyone have any ideas on how >I might get around this problem. /testdir is a novell directory that is NFS >mounted. I would just like to see if file.tmp exists and if it does I want to >copy it to its new home. ... >#!/bin/csh -f >/bin/newgrp opseng [remainder deleted for brevity] Eddie, if by line 2, you mean the newgrp command itself, then I am not surprised. Both newgrp and su break the command "thread" effectivly by either exec'ing a new shell (newgrp), or by a fork/exec of a new shell (su). The actual mechanism may vary somewhat, but you generally do not execute any lines following newgrp in a shell script, and you generally execute the lines following a su only after you exit the su. How do you get around this? I have seen some versions hacked to support SUID/SGID shell scripts (a major security hole in most cases), but you are probably better just writing a c program, compiling it, and as the administrator, installing it with the correct permissions. However, since you do not seem to have root access yourself (or multiple individuals who do not have it need to do this), then you might want to talk to your administrator, give them the ***source***, and let them compile and install the program (if they will). If you have a valid need and they are worth anything, they probably will, but (here is where the worth comes in) ONLY if you give them the source and they compile/install it. And even then, the program should be of limited life. And either way, root access will be needed to set the SUID/SGID bits as needed. However, this all comes down to the question of "Why do you need to do this at all?" That is something which you will need to discuss with the administrator/co-administrators (or yourself if that is you). Hope this helps... - doug ******************************************************************************* My options are my own. Since I do not want them, why should my employer? 8) Douglas Wade Needham BSD kernel programmer Email: dneedham@csi.compuserve.com -or- dneedham@oucsace.cs.ohiou.edu USnail: Compuserve 216 S. Burgess Ave. 5000 Arlington Centre Blvd. Columbus OH 43204 Columbus, OH 43220 Voice: (614)457-8600 (614)274-0769