Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Running a Unix command as a different user
Top Forums UNIX for Advanced & Expert Users Running a Unix command as a different user Post 302176292 by Andrewkl on Tuesday 18th of March 2008 02:44:04 AM
Old 03-18-2008
Running a Unix command as a different user
hi,

I wrote a C program (runas.c) that runs a command as a different user.
The problem I'm having is that the new user's group membership isn't going into
effect. Take the following scenario:

I login as "kirk". I need to run some commands as "spock". kirk and spock belong
to these Unix groups:

Code:
$ groups kirk spock
  kirk :  human starfleet
  spock : vulcan starfleet
  
$ ls -lR /tmp/.z:
  total 16
  -rw-rw-r--   1 kirk    human             0 Mar 17 22:37 aa
  drwxrwxr-x   2 sarek   vulcan          117 Mar 17 22:38 adir
  
  /tmp/.z/adir:
  total 0

$ /bin/id
  uid=5418(kirk) gid=29(human)

$ runas spock /bin/id
  uid=7643(spock) gid=35(vulcan)

$ runas spock /bin/touch /tmp/.z/adir/zz
  touch: /tmp/.z/adir/zz cannot create

Even though the runas utility becomes "spock" without any problems, the "touch"
command can't create "/tmp/.z/adir/zz" because for some reason, the OS
still sees kirk's group membership instead of spock's group membership.

The following is a listing of my C program (runas.c)
What changes must I make so that the group membership of the new user
takes effect?

Thanks in advance
--Andrew

Code:
$ cat runas.c

     #include <stdio.h>
     #include <sys/types.h>
     #include <unistd.h>
     #include <pwd.h>
     #include <grp.h>
     
     main(int argc, char *argv[])
     {
         struct passwd *pw;
         struct group *grp;
         char *args[argc];
         char command[60];
         int i;
         char user[20];
         
         if (argc >= 3) {
             strcpy(user, argv[1]);
             strcpy(command, argv[2]);
         } else {
             exit(1);
         }
         
         if (setuid(0) != 0) {
             printf("Cannot proceed...This program doesn't have the proper permissions!\n"); 
             exit(2);
         }
         
         /* additional security checks go here... */
         
         pw = getpwnam(user);          /* get password record for specified user. */
         if (pw == NULL)
            {
             printf("%s is an invalid username.\n", user );
             exit(3);
            }
         
         i = setreuid(pw->pw_uid, pw->pw_uid);  /* become the specified user! */
         if (i != 0) 
            {
             printf("setreuid() failed...\n");
             exit(5);
            }
         
         for (i = 2; i < argc; i++)  {    
              args[i - 2] = (char *)malloc(strlen (argv [i]) * sizeof(char) + 1); 
              strcpy(args[i - 2], argv[i]);     
         }
         args[argc - 2] = NULL;
          
         execv(command, args); 
         printf("%s: execv() failed!!!\n\n", argv[0]);
     
     } /* main() */

Last edited by Yogesh Sawant; 03-18-2008 at 09:26 AM.. Reason: added code tags
 

10 More Discussions You Might Find Interesting

1. AIX

Running su command from normal user

Hi, I have to write a functionality on AIX m/c, in which I have to execute su command from some normal user (other than root). I have created two users, u1 and u2 and put both the users in same group. I logged in with user u1 and tried to su to u2 but was not able to do so. Where as if i... (2 Replies)
Discussion started by: shailendrat
2 Replies

2. UNIX for Advanced & Expert Users

Running windows command from Unix

-------------------------------------------------------------------------------- Hi, Is there any way to invoke a Windows command from Unix ?? For eg: I want to track down a user executing a script and want to send him a message through net send in windows .. I am able to get the user... (1 Reply)
Discussion started by: Sabari Nath S
1 Replies

3. Shell Programming and Scripting

Running windows command from Unix

Hi, Is there any way to invoke a Windows command from Unix ?? For eg: I want to track down a user executing a script and want to send him a message through net send in windows .. I am able to get the user machines ip ... and since I want my message to be popped up in users screen, wud... (4 Replies)
Discussion started by: Sabari Nath S
4 Replies

4. UNIX for Dummies Questions & Answers

jar command not running in Unix

Hi , I am working in Sun SOlaris 9 and trying to extract a particular jar file in my home. I am giving command "jar xv <filename>" But it just hangs and does nothing ? Any pointers why this is happenning ? or how can I see contents of a jar file? Thanks (2 Replies)
Discussion started by: hkapil
2 Replies

5. AIX

Running unix command from windows? How?

Hello Folks, I have a need to execute certain scripts on a regular basis on a number of (AIX) servers. What I had in mind, is to accomplish this using ssh/rsh, auto login. Initially I developped the script, which can be invoked from one of the AIX servers (by loggin into the first host), and... (4 Replies)
Discussion started by: haroon_a
4 Replies

6. Shell Programming and Scripting

Running AT command as a different user

Hi, I have a website that needs to do the following functionality: On the admin site, a user will enter will enter a datatime. From this, a cronjob (or equivalent) must be created to run "myscript.sh" at that time. In the php admin page I have this code: $time = '2010-02-10 15:00:00';... (0 Replies)
Discussion started by: nkittie
0 Replies

7. UNIX for Dummies Questions & Answers

How do you print the number of processes that each user is currently running in Unix?

Ok, so I know there's a way to do this, but I've been trying to find out all afternoon with no luck. I think it should print out something like this: 1 bin 2 daemon 6 duo Where the numbers on the left are the number of processes being run by the user whose name is listed on the right. Is... (4 Replies)
Discussion started by: Duo11
4 Replies

8. UNIX for Dummies Questions & Answers

running unix command from java

Hi All, I have been struggling for a week trying to run a unix command from my java program. the unix command is: ssh dmdev3@tsapid01-zt3d01 ':> /t3/envs/dmdev3/test/file_list.txt' when i try to run this command directly on my unix console, it works perfectly. but when i try it form... (12 Replies)
Discussion started by: madhu_sharan
12 Replies

9. UNIX for Beginners Questions & Answers

Need help running a Foxbase command in UNIX

Hello, I'm new to Unix and need the help of an expert. How can I run a foxbase command "DO perform FoxBase program" in Unix? Thank you (1 Reply)
Discussion started by: webuxer
1 Replies

10. UNIX for Beginners Questions & Answers

Running a command as another non-root user

Hi, I am trying to run a command within my KSH script as another user due to permission issues, now both users are non root. I have tried the following command and was unsuccessful: echo "<password>" | sudo -S -u <username> -k command Can I use sudo to run a command as a non-root user? (5 Replies)
Discussion started by: MIA651
5 Replies

LEARN ABOUT MOJAVE

dsmemberutil

dsmemberutil(1) 					    BSD General Commands Manual 					   dsmemberutil(1)

NAME

     dsmemberutil -- various operations for the membership APIs, including state dump, check memberships, UUIDs, etc.

SYNOPSIS

     dsmemberutil [-v] [-h] command [options]

DESCRIPTION

     dsmemberutil is a program that implements the membership API calls in a command line utility.

FLAGS

     A list of flags and their descriptions:

     -h      Lists the options for calling dsmemberutil

     -v      Causes dsmemberutil to operate in verbose mode.

COMMANDS

     The action of each command is described below:

     getuuid -ugUGsS value
		 Takes any of the options and returns the associated UUID.

     getid -UGsSX value
		 Takes any of the options and returns the associated UID or GID depending on option provided.

     getsid -ugUGX value
		 Takes any of the options and returns the associated SID.

     checkmembership -uUxs param -gGXS param
		 Returns if a user or group with the associated option is a member of the group.

     flushcache  Flushes the current membership cache.

     Legacy commands such as dumpstate and statistics are gone. See odutil(1) for show cache and statistics operations.

     A list of options available. In some cases -xX and -sS can be used synonymously due to nature of the value.

     -u uid	      Using user with UID

     -U name	      Using user with name

     -s sid	      Using user with SID

     -x uuid	      Using user with UUID

     -g gid	      Using group with GID

     -G name	      Using group with name

     -S sid	      Using group with SID

     -X uuid	      Using group with UUID

EXAMPLES

     Get a user's uuid:
		    % dsmemberutil getuuid -u 501
		    EEA4F2F6-B268-49E7-9C6F-E3C4A37DA4FD

     Get a group's uuid
		    % dsmemberutil getuuid -g 0
		    ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000000

     Get a user's or group's id from a uuid
		    % dsmemberutil getid -X ABCDEFAB-CDEF-ABCD-EFAB-CDEF0000000C
		    gid: 12

     Check a user's membership in a group (using UID and GID)
		    % dsmemberutil checkmembership -u 501 -g 0
		    user is not a member of the group

     Check a user's membership in a group (using names)
		    % dsmemberutil checkmembership -U root -G wheel
		    user is a member of the group

SEE ALSO

     odutil(1), dseditgroup(1), dscacheutil(1)

Darwin								    Jan 1, 2007 							    Darwin
All times are GMT -4. The time now is 09:28 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy