I'm working on a RHEL 6.7 machine. I'd like to make a script which is owned by root BUT could be launched by other users. However I still want the actions inside the script to be launched as root. So I want to set the suid bit on this script. Right now I have the following results:
[root@devmachine BACKUP]# chmod a+s fix_properties.sh
[root@devmachine BACKUP]# ls -halt fix_properties.sh
-r-sr-s-r-x 1 root root 42 May 12 00:08 fix_properties.sh
This is not good enough since a lambda user would be able to execute it but wouldn't benefit from the root permissions. After some digging I learned that it could be due to the way the FS is mounted. When I check the fstab file I see the following:
/dev/mapper/systemvg-op /opt ext3 defaults,nosuid,nodev 1 2
...
/dev/systemvg/opt_backup /opt/BACKUP ext4 acl,user_xattr 1 2
Does this mean that the nosuid will be also de rigueur on the /opt/BACKUP partition?
As a work-around, I guess I could assign this file to a particular group from which my target user is part of?
