Administering user accounts

Changing system privileges

System privileges allow user processes to execute specific operating system services. For example, the ability to change ownership of a file is governed by the chown privilege. (The chown privilege allows the use of the chown(S) system call that enables chown(C) to work.)

In the Account Manager, select the user name, then select Privileges from the Users menu.

To change privileges assigned, deselect the Use system default privileges for this user account button. This allows you to assign a set of privileges specific to this account.

To add a privilege, select an entry the ``Not allowed'' column and click on the Add button.

To remove a privilege, select an entry in the ``Allowed'' column and click on the Remove button.

To change the privileges assigned by default, use this command:

usermod -D -x "{privs {list}}"

where list is one or more privileges separated by spaces.

You can change the value for an individual user with the usermod(ADM) command by omiting the -D option and appending the user name to the above command.

System privileges

Privilege Allows user processes to
configaudit configure audit subsystem parameters
writeaudit write audit records to the audit trail
execsuid run set-UID programs
chmodsugid to set set-UID and set-GID bit on files
chown to change the owner of an object
suspendaudit suspend operating system auditing of the process

NOTE: Restricted chown is required for NIST FIPS 151-1 conformance. The chown privilege should not be assigned to users if you wish to conform to NIST FIPS 151-1 requirements. The kernel parameter CHOWN_RES also controls this behavior; see the Performance Guide for more information.

Under the Low and Traditional security profiles, most system privileges are assigned by default and should not require modification. Under the High security profile, chmodsugid is not assigned by default. Most users require only execsuid to perform routine tasks. If the user needs to create files with the SUID or SGID bits, they must have chmodsugid. To change ownership of a file (``give it away''), the chown privilege is required. If a user does not have this privilege, ownership of files can only be changed by root. The audit privileges (configaudit, writeaudit, and suspendaudit) should never be assigned to anyone other than the audit administrator. They are intended for use by a program designed to run as a trusted application.

See also:

System privileges and authorizations

If you are operating with the High and Improved security profiles, you must assign certain system privileges when you assign subsystem authorizations. Although most of these are already assigned by default, they are listed in ``Subsystem privilege requirements'' in case you modify the defaults. One exception is the audit subsystem, which requires the addition of the configaudit and suspendaudit privileges. These privileges should never be assigned by default, or to ordinary users.

NOTE: Under the Low and Traditional security profiles, most privileges are already assigned by default.

Subsystem privilege requirements

Subsystem authorization Privilege required
audit configaudit, execsuid, writeaudit
auth execsuid, chown
backup execsuid
lp chown
cron chmodsugid, chown, execsuid
sysadmin chmodsugid, chown, execsuid

Next topic: Allowing users to skip login messages
Previous topic: Secondary authorizations

© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003