Re: mol
On Sun, Jun 22, 2003 at 12:17:35PM +0200, Jens Schmalzing wrote:
> Hi,
>
> David M. Cooke writes:
>
> > > if i want to run mol as any user it tells me that the program most
> > > be suid, so:
>
> > # chmod u+x /usr/lib/mol/bin/mol
>
> Nah. First, you probably meant u+s, and second, any changes you make to
> files from Debian packages without telling dpkg will be clobbered on
> the next upgrade. To let anybody run mol, do
>
> # dpkg-statoverride --update --add root root 4755 /usr/lib/mol/bin/mol
Whoops, you're right. And looking into my setup, that's what I had done :)
> Then again, you may not really want to allow anybody to run mol, but
> only a few selected users (to use the example from upstream, I will
> call them samuel and tux). In addition to adding allow and deny lines
> to /etc/mol/session.map, do the following:
>
> # addgroup --system mol
> # adduser samuel mol
> # adduser tux mol
> # dpkg-statoverride --update --add root mol 4710 /usr/lib/mol/bin/mol
You can also edit /etc/mol/session.map and add your users there. This
sgid approach would be more secure, though.
--
|>|\/|<
/--------------------------------------------------------------------------\
|David M. Cooke http://arbutus.physics.mcmaster.ca/dmc/
|cookedm@physics.mcmaster.ca
Reply to:
- References:
- Re: mol
- From: "David M. Cooke" <cookedm@physics.mcmaster.ca>
- Re: mol
- From: Jens Schmalzing <jens.schmalzing@physik.uni-muenchen.de>