Hi, I am UM and I’d to know how can I do that only a group of users can execute a program. In my case, I installed wireshark, and it only captures if you have permission. So I created a group called “wireshark” and I would like to know how can I do that the users in this group can use the program, even if they don’t have root privileges.
Thank you
In a terminal, sudo dpkg-reconfigure wireshark-common
and answer Yes to allow non-root to run wireshark. Then add each user to the wireshark group, have them logout/login and you should be all set.
REF: http://askubuntu.com/questions/74059/how-do-i-run-wireshark-with-root-privileges
1 Like
If the users are created normally, then their default group will be their own group.
In order to make use of those group permissions, they might have to issue the following command:
newgrp wireshark
Yes, I know that exists this option for wireshark. But I want to know how could I do it for any program, so that only the users in a group could execute it. Where do I have to change the permissions for the program and the group. I just put an example with wireshark for this case, but I could I configure it without this option, once it is installed. I just started in linux and I am a bit los in this topic.
Thanks for your answer
Example:
Create a group called marketing (addgroup marketing). Create a file called
/usr/local/bin/listing, with contents, df -h, give it permissions 750
(chmod 750 /usr/local/bin/listing) and add to marketing group (chgrp
marketing /usr/local/bin/listing).
ls -l /usr/local/bin/listing, -rwxr-x— 1 pavlos marketing 6 Apr 3 07:28
/usr/local/bin/listing
(read this as, the program listing is owned by pavlos, group is marketing,
owner can rwx and members of the group can r-w. Others have no access to
this program.)
login to that host (intel) as pavlos and am able to execute that file,
eventhough I don’t belong in group marketing (I am the owner of that file
who has rwx).
login as another user, lupus (who does not belong to group marketing or is
the owner)
lupus@intel:~$ listing
bash: /usr/local/bin/listing: Permission denied
Now, I add user lupus to group marketing (adduser lupus marketing)
login as lupus again, I can execute listing.
Then, I remove group marketing from lupus (deluser lupus marketing)
Login as lupus, again, I get permission denied when executing listing.
HTH