#!/bin/sh
# Change permissions, links so that a group of users can access the
# diagnostic commands.
# Originally (C) Christoph Lameter
# Changes in 2007 and 2008 done by Michael Meskes <meskes@debian.org>
# Placed under GPL
COMMANDS="netwatch trafshow"
errorexit()
{
echo -n "ERROR: "
echo $1;
exit 1;
}
if [ "x$1" = "x" ]; then
echo "Usage: diagperm [set] <group allowed access to diagnostic commands> | unset"
else
if [ "`id -u`" -ne 0 ]; then
errorexit "This program must be run by super-user (root)."
fi
if [ $1 = "unset" ]
then
for i in $COMMANDS; do
if [ -x /usr/sbin/dpkg-statoverride ]; then
dpkg-statoverride --remove /usr/sbin/$i || errorexit "Cannot suid unregister /usr/sbin/$i."
fi
if [ -f /usr/sbin/$i ]; then
chgrp root /usr/sbin/$i
chmod 0755 /usr/sbin/$i
fi
done
else
[ $1 = "set" ] && shift;
if grep -q "^$1:" /etc/group; then
for i in $COMMANDS; do
if [ -x /usr/sbin/dpkg-statoverride ]; then
dpkg-statoverride --update --add root $1 4754 /usr/sbin/$i || errorexit "Cannot suid register /usr/sbin/$i ."
else
#
# this is a fallback for systems without dpkg
#
if [ -f /usr/sbin/$i ]; then
chgrp $1 /usr/sbin/$i
chmod 4754 /usr/sbin/$i
fi
fi
done
echo "Permissions enabled for members of group $1."
else
echo "Group $1 not in /etc/group."
fi
fi
fi
Generated by dwww version 1.15 on Thu Jun 27 23:36:32 CEST 2024.