#!/bin/sh # Change permissions, links so that a group of users can access the # diagnostic commands. # Originally (C) Christoph Lameter # Changes in 2007 and 2008 done by Michael Meskes <meskes@debian.org> # Placed under GPL COMMANDS="netwatch trafshow" errorexit() { echo -n "ERROR: " echo $1; exit 1; } if [ "x$1" = "x" ]; then echo "Usage: diagperm [set] <group allowed access to diagnostic commands> | unset" else if [ "`id -u`" -ne 0 ]; then errorexit "This program must be run by super-user (root)." fi if [ $1 = "unset" ] then for i in $COMMANDS; do if [ -x /usr/sbin/dpkg-statoverride ]; then dpkg-statoverride --remove /usr/sbin/$i || errorexit "Cannot suid unregister /usr/sbin/$i." fi if [ -f /usr/sbin/$i ]; then chgrp root /usr/sbin/$i chmod 0755 /usr/sbin/$i fi done else [ $1 = "set" ] && shift; if grep -q "^$1:" /etc/group; then for i in $COMMANDS; do if [ -x /usr/sbin/dpkg-statoverride ]; then dpkg-statoverride --update --add root $1 4754 /usr/sbin/$i || errorexit "Cannot suid register /usr/sbin/$i ." else # # this is a fallback for systems without dpkg # if [ -f /usr/sbin/$i ]; then chgrp $1 /usr/sbin/$i chmod 4754 /usr/sbin/$i fi fi done echo "Permissions enabled for members of group $1." else echo "Group $1 not in /etc/group." fi fi fi
Generated by dwww version 1.15 on Thu Jun 27 23:36:32 CEST 2024.