C program to kill root processes


 
Thread Tools Search this Thread
Top Forums Programming C program to kill root processes
# 1  
Old 07-14-2003
C program to kill root processes

Hello,
First let me start by saying I have searched the forum and read all the SUID stuff but it is not in the neighborhood I am looking for.

Here is the problem. We want to grant a non super-user permission to kill root processes but only if the process matches certain criteria. This particular userID is what we use to run several maintenance and data gathering scripts on our systems. The approach we have been taking is to write a C program that is owned by root with the SUID bit set for the user we want to have access to kill root processes.

The program accepts a PID and hostname. It then verifies the PID is owned by root and is a remsh to the given hostname. If it is, it will send a signal to the PID to kill it. I am on Solaris 9 and have tried usign both kill() and sigsend() with no success.

I have been reading on the web and I realize there have been some security changes in this area in the last few years. I do not see anything that would prevent this from working if the effective user is super-user.

Anyone have any ideas? If you have something similar I would love to see some code snippets, especially if you are setting the UID in the program. If anyone can give a reference stating this is not possible, that is cool to. We will explore sudo if that is the case.

Thanks,
Tony
# 2  
Old 07-14-2003
Well, I agree with you....if the effective uid is root it should work.

If you are finding that it doesn't work, you must have a bug in your program.
# 3  
Old 07-15-2003
Thanks for the reality check. If I get it working I will post the important parts so others can use it.
# 4  
Old 07-15-2003
Here is most of the code minus the logic specific to my case. It may not be the cleanest way, but it works for me. I have more includes then are needed but that is for other stuff I am doing in the same binary. chmod 4555 with this does what I wanted.
Code:
#include <stdio.h>
#include <signal.h>
#include <sys/types.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>

main(int argc, char *argv[] )
{
  int kill_ret;
  int pid;
  char cmd[200]="ps -ef |grep stuff I am looking for";
  char buf[BUFSIZ];
  char *output;
  FILE *ptr;

  if (argc <= 2) {
  usage:
      printf("usage: killremsh pid host\n");
      exit(2);
  }
  if ((ptr = popen(cmd, "r")) != NULL)
    while (fgets(buf, BUFSIZ, ptr) != NULL)
    {
      pid=atoi(argv[1]);
      kill_ret=sigsend(P_PID, pid , 9);
    }  
    (void) pclose(ptr);

code tags added for readability -- Perderabo

Last edited by Perderabo; 07-16-2003 at 12:41 PM..
# 5  
Old 07-16-2003
Are you sure that your program is working properly? It looks like you're repeatedly killing the same pid. Shouldn't you be getting your pid's from the output you're reading via popen?
# 6  
Old 07-16-2003
Hi Perderabo,
The while loop only executes once in my case as my cmd only finds 1 matching pid based on the "stuff I am looking for". I agree that if it found more then one match, it would try to kill the same pid multiple times. If I have time down the road, I hope to clean this up quite a bit by either parsing the data from popen or by using the one of the structs mentioned in proc(4), but it works for what we need it to do today.
Thanks,
Tony
# 7  
Old 07-16-2003
Even if the while executes only once, the output from the ps|grep is not dependent on the pid supplied as argument 1.

Thus if the target program is running (as verified by the ps|grep), the program will then attempt to kill whatever was supplied as argument 1.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. AIX

Kill multiple processes ran by root

Hi all, I have about 5-6 daemons specific to my application running in the background. I am trying to write a script to stop them. Usually, I run them as a non-root ID, which is fine. But for some reason the client insists on using root. I do have sudo. I just tried something like this ... (4 Replies)
Discussion started by: jeffs42885
4 Replies

2. Shell Programming and Scripting

kill multiple processes by name

Want to kill multiple processes by name. for the example below, I want to kill all 'proxy-stagerd_copy' processes. I tried this but didn't work: >> ps -ef|grep proxy_copy root 991 986 0 14:45:34 ? 0:04 proxy-stagerd root 1003 991 0 14:45:49 ? 0:01... (2 Replies)
Discussion started by: catalinawinemxr
2 Replies

3. Shell Programming and Scripting

kill all user processes

Hi there, i've been searching all over and i thought i had understood the way i should go to kill all the processes related to a user. But i'm getting more confused then i was. By lunch time i have to make a database backup, and for that all the users shoul logout. The problem is that many users... (4 Replies)
Discussion started by: vascobrito
4 Replies

4. Shell Programming and Scripting

Kill processes

for i in 'ps -f | grep textedit' do kill $i done I wrote this but it wont work. I am trying to find processes and kill them. Any help would be welcome. (1 Reply)
Discussion started by: hawaiifiver
1 Replies

5. UNIX for Dummies Questions & Answers

Need help to kill parent and all of its sub processes

Hi, I am writing korn shell script. My requirement is, i have to kill the parent process and all of its child processes. Can some one please help me on this? Thanks in advance for your help.. (1 Reply)
Discussion started by: Sheethal
1 Replies

6. Solaris

kill the processes seen under ptree

Hi, How to kill the processes running under ptree ? I am noticing lot of processes running under ptree with ssh ? I tried to kill with -9 option which is not working ? Thanks, Radhika. (2 Replies)
Discussion started by: radhirk
2 Replies

7. Solaris

kill processes

how to kill the processes of aperticular user? because i have nearly 25000 process are there for perticular user. i need to kill. Please provide the information? Regards, Rajesh (3 Replies)
Discussion started by: pmrajesh21
3 Replies

8. Solaris

how do I kill defunct processes?

mqm 17700 16815 0 0:00 <defunct> kill -9 does not work, even as root (10 Replies)
Discussion started by: csaunders
10 Replies

9. Shell Programming and Scripting

Unix Kill processes

Hi guys, I am new to Unix shell scripting. Can anyone of you tell me how to kill all the processes at a time for a particular user?(No listing the process ID of each process in the kill -9 command). Thanks in Advance, -Hary (5 Replies)
Discussion started by: tadi18
5 Replies

10. Shell Programming and Scripting

kill all processes

i have a very short file that has in it a line for a find command. now, when i run this script and I kill the script later, using the ps -ef | grep scriptname. i noticed kill -9 kills the script itself but does not kill the internal find command that it gave birth to. say theres a file... (0 Replies)
Discussion started by: Terrible
0 Replies
Login or Register to Ask a Question