Solaris Change File Ownership as non root Account

If you have a process running as non root or just need to enable a normal user to take ownership of files they don't own this is what you need to do.

My first attempt was changing a file that was owned by root. That is not what I needed but as shown here that requires a privilege called "ALL".

 
$ ppriv -De chown ebs_a /tmp/file1.txt
chown[999]: missing privilege "ALL" (euid = 304, syscall = 16) needed at tmp_setattr+0x60
chown: /tmp/file1.txt: Not owner

This attempt is to change a file owned by nobody and that is what my process will be requiring.

$ ppriv -De chown ebs_a /tmp/file1.txt
chown[1034]: missing privilege "file_chown" (euid = 304, syscall = 16) needed at tmp_setattr+0x60
chown: /tmp/file1.txt: Not owner

So as shown above we needed file_chown. I am adding that privilege as below. You will note I have some other permissions already added for different requirements.

# grep ^ebs_a  /etc/user_attr
ebs_a::::type=normal;defaultpriv=basic,sys_mount,sys_nfs,net_privaddr,file_chown;auths=solaris.smf.manage.xvfb,solaris.smf.value.xvfb

Ok now we try again and it worked.

# su - ebs_a
[..]
$ ppriv -De chown ebs_a /tmp/file1.txt

$ ls -l /tmp/file1.txt
-rw-r--r--   1 ebs_a root           0 Mar 25 06:24 /tmp/file1.txt

And of course you don't need to use ppriv now just simply chown and it should work.