Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

sxid(1) [debian man page]

SXID(1) 						      General Commands Manual							   SXID(1)

NAME

       sxid - check for changes in s[ug]id files and directories

SYNOPSIS

       sxid [ --config <file> ] [ --nomail ] [ --spotcheck ] [ --listall ]

DESCRIPTION

       Sxid  checks  for  changes in suid and sgid files and directories based on its last check. Logs are stored by default in /var/log/sxid.log.
       The changes are then emailed to the address specified in the configuration file. The default location for the config file is /etc/sxid.conf
       but this can be overridden with the --config option and specifying an alternate location.

OUTPUT

       The  program  outputs  several  different  checks concerning the current status of the suid and sgid files and directories on the system on
       which it was run. This is a basic overview of the format.

       In the add remove section, new files are preceded by a '+', old ones are preceded by a '-' NOTE: that removed does not mean gone  from  the
       filesystem, just that it is no longer sgid or suid.

       Most  of it is pretty easy to understand. On the sections that show changes in the file's info (uid, gid, modes...) the format is old->new.
       So if the old owner was 'mail' and it is now 'root' then it shows it as mail->root.

       The list of files in the checks is in the following format:

	       /full/path	       *user.group    MODE

       (MODE is the 4 digit mode, as in 4755)

       In the changes section, if the line is preceded by an 'i' then that item has changed inodes since the last check (regardless of any s[ug]id
       change), if there is an 'm' then the md5sum has changed.

       If a user or group entry is preceded by a '*' then it's execution bit is set (ie. *root.wheel is suid, root.*wheel is sgid, *root.*wheel is
       +s).

       On the forbidden directories, if ENFORCE is enabled an 'r' will precede forbidden items that were succesfully -s'd, and an  '!'	will  show
       that it was unsuccesfully -s'd (for what ever reason).

OPTIONS

       -c, --config <file>
	      specifies an alternate configuration file

       -n, --nomail
	      sends output to stdout instead of emailing, useful for spot checks

       -k, --spotcheck
	      Checks  for  changes by recursing the current working directory. Log files will not be rotated and no email sent. All output will go
	      to stdout.

       -l, --listall
	      Useful when doing --spotcheck or --nomail to list all files that are logged, regardless of changes.

AUTHOR

       Ben Collins <bcollins@debian.org>

REPORTING BUGS

       Report bugs to current maintainer Timur Birsh <taem@linukz.org>.

SEE ALSO

       sxid.conf(5)

sXid 4.0.5							   January 2002 							   SXID(1)

Check Out this Related Man Page

setresuid(2)							System Calls Manual						      setresuid(2)

NAME

       setresuid, setresgid - set real, effective, and saved user and group IDs

SYNOPSIS

DESCRIPTION

       sets the real, effective and/or saved user ID of the calling process.

       If  the	current  real,	effective  or saved user ID is equal to that of a user having appropriate privileges, sets the real, effective and
       saved user IDs to ruid, euid, and suid, respectively.  Otherwise, only sets the real, effective, and saved user IDs if ruid, euid, and suid
       each match at least one of the current real, effective, or saved user IDs.

       If ruid, euid, or suid is leaves the current real, effective or saved user ID unchanged.

       sets the real, effective and/or saved group ID of the calling process.

       If  the	current  real,	effective or saved user ID is equal to that of a user having appropriate privileges, sets the real, effective, and
       saved group ID to rgid, egid, and sgid, respectively.  Otherwise, only sets the real, effective and saved group ID if rgid, egid, and  sgid
       each match at least one of the current real, effective or saved group ID.

       If rgid, egid, or sgid is leaves the current real, effective or saved group ID unchanged.

   Security Restrictions
       Some  or  all  of  the actions associated with this system call require the privilege (CHSUBJIDENT).  Processes owned by the superuser will
       have this privilege.  Processes owned by other users may have this privilege, depending on system configuration.

       See privileges(5) for more information about privileged access on systems that support fine-grained privileges.

RETURN VALUE

       Upon successful completion, and return 0; otherwise, they return -1 and set to indicate the error.

ERRORS

       and fail if any of the following conditions are encountered:

	      ruid,	     euid, or suid (rgid, egid, or sgid) is not a valid user (group) ID.

	      None of the conditions above are met.

AUTHOR

       and were developed by HP.

SEE ALSO

       exec(2), getuid(2), setuid(2), privileges(5).

																      setresuid(2)
Man Page