07-14-2003
C program to kill root processes
Hello,
First let me start by saying I have searched the forum and read all the SUID stuff but it is not in the neighborhood I am looking for.
Here is the problem. We want to grant a non super-user permission to kill root processes but only if the process matches certain criteria. This particular userID is what we use to run several maintenance and data gathering scripts on our systems. The approach we have been taking is to write a C program that is owned by root with the SUID bit set for the user we want to have access to kill root processes.
The program accepts a PID and hostname. It then verifies the PID is owned by root and is a remsh to the given hostname. If it is, it will send a signal to the PID to kill it. I am on Solaris 9 and have tried usign both kill() and sigsend() with no success.
I have been reading on the web and I realize there have been some security changes in this area in the last few years. I do not see anything that would prevent this from working if the effective user is super-user.
Anyone have any ideas? If you have something similar I would love to see some code snippets, especially if you are setting the UID in the program. If anyone can give a reference stating this is not possible, that is cool to. We will explore sudo if that is the case.
Thanks,
Tony
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
i have a very short file that has in it a line for a find command.
now, when i run this script and I kill the script later, using the ps -ef | grep scriptname. i noticed kill -9 kills the script itself but does not kill the internal find command that it gave birth to.
say theres a file... (0 Replies)
Discussion started by: Terrible
0 Replies
2. Shell Programming and Scripting
Hi guys,
I am new to Unix shell scripting. Can anyone of you tell me how to kill all the processes at a time for a particular user?(No listing the process ID of each process in the kill -9 command).
Thanks in Advance,
-Hary (5 Replies)
Discussion started by: tadi18
5 Replies
3. Solaris
mqm 17700 16815 0 0:00 <defunct>
kill -9 does not work, even as root (10 Replies)
Discussion started by: csaunders
10 Replies
4. Solaris
how to kill the processes of aperticular user?
because i have nearly 25000 process are there for perticular user. i need to kill.
Please provide the information?
Regards,
Rajesh (3 Replies)
Discussion started by: pmrajesh21
3 Replies
5. Solaris
Hi,
How to kill the processes running under ptree ?
I am noticing lot of processes running under ptree with ssh ? I tried to kill with -9 option which is not working ?
Thanks,
Radhika. (2 Replies)
Discussion started by: radhirk
2 Replies
6. UNIX for Dummies Questions & Answers
Hi,
I am writing korn shell script. My requirement is, i have to kill the parent process and all of its child processes. Can some one please help me on this?
Thanks in advance for your help.. (1 Reply)
Discussion started by: Sheethal
1 Replies
7. Shell Programming and Scripting
for i in 'ps -f | grep textedit'
do
kill $i
done
I wrote this but it wont work.
I am trying to find processes and kill them.
Any help would be welcome. (1 Reply)
Discussion started by: hawaiifiver
1 Replies
8. Shell Programming and Scripting
Hi there, i've been searching all over and i thought i had understood the way i should go to kill all the processes related to a user. But i'm getting more confused then i was.
By lunch time i have to make a database backup, and for that all the users shoul logout. The problem is that many users... (4 Replies)
Discussion started by: vascobrito
4 Replies
9. Shell Programming and Scripting
Want to kill multiple processes by name. for the example below, I want to kill all 'proxy-stagerd_copy' processes.
I tried this but didn't work:
>> ps -ef|grep proxy_copy
root 991 986 0 14:45:34 ? 0:04 proxy-stagerd
root 1003 991 0 14:45:49 ? 0:01... (2 Replies)
Discussion started by: catalinawinemxr
2 Replies
10. AIX
Hi all,
I have about 5-6 daemons specific to my application running in the background. I am trying to write a script to stop them. Usually, I run them as a non-root ID, which is fine. But for some reason the client insists on using root.
I do have sudo.
I just tried something like this
... (4 Replies)
Discussion started by: jeffs42885
4 Replies
KILL(2) System Calls Manual KILL(2)
NAME
kill - send signal to a process
SYNOPSIS
kill(pid, sig);
DESCRIPTION
Kill sends the signal sig to the process specified by the process number in r0. See signal(2) for a list of signals.
The sending and receiving processes must have the same effective user ID, otherwise this call is restricted to the super-user.
If the process number is 0, the signal is sent to all other processes in the sender's process group; see tty(4).
If the process number is -1, and the user is the super-user, the signal is broadcast universally except to processes 0 and 1, the scheduler
and initialization processes, see init(8).
Processes may send signals to themselves.
SEE ALSO
signal(2), kill(1)
DIAGNOSTICS
Zero is returned if the process is killed; -1 is returned if the process does not have the same effective user ID and the user is not
super-user, or if the process does not exist.
ASSEMBLER
(kill = 37.)
(process number in r0)
sys kill; sig
KILL(2)