tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Turner <tomcat-u...@johnturner.com>
Subject Re: running as diff. account
Date Thu, 24 Jul 2003 16:56:18 GMT

You didn't confuse me, but I don't see the point of the restrictions. 
accountA cannot run rsh?

Put your rsh command into a shell script.

Then in your JSP or servlet or whatever, call "su - accountB -c 
rsh_script.sh"

sudo would probably be better, you will have to give accountA the right 
to be accountB without having to enter a password.

There are other ways to do this, in my mind they are better.  For things 
like this I just use xinetd and setup a service that runs whatever 
command I want and sends the results back.

John

Astrid Wagner wrote:

> 
> 
> John Turner wrote:
> 
>>
>> You're right, file ownership has nothing to do with run privileges.
>>
>> Can you clarify what you need?
>>
>> Is accountB the only account allowed to use rsh?  Or are you saying 
>> that you want to use rsh to login into a remote host as accountB, but 
>> accountA will launch rsh? 
> 
> 
> OK. We allow a certain account "accountB" to be able to rsh on users 
> machine with the user's account so
> for example we can check their proper installation etc.
> Therefore what I want to do is for example have accountB run "rsh -l 
> userA userAmachine  'ls /home/userA/someDir'"
> The .rhosts file of the users allow that access.
> But tomcat as well as all DB related things run as a different account 
> "accountA".
> So how can I get accountB to run the rsh command?
> I hope I did not confuse you too much ?!
> Astrid
> 



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message