SETUID(1) General Commands Manual SETUID(1)NAME
setuid - run a command with a different uid.
SYNOPSIS
setuid username|uid command [ args ]
DESCRIPTION
Setuid changes user id, then executes the specified command. Unlike some versions of su(1), this program doesn't ever ask for a password
when executed with effective uid=root. This program doesn't change the environment; it only changes the uid and then uses execvp() to find
the command in the path, and execute it. (If the command is a script, execvp() passes the command name to /bin/sh for processing.)
For example,
setuid some_user $SHELL
can be used to start a shell running as another user.
Setuid is useful inside scripts that are being run by a setuid-root user -- such as a script invoked with super, so that the script can
execute some commands using the uid of the original user, instead of root. This allows unsafe commands (such as editors and pagers) to be
used in a non-root mode inside a super script. For example, an operator with permission to modify a certain protected_file could use a
super command that simply does:
cp protected_file temp_file
setuid $ORIG_USER ${EDITOR:-/bin/vi} temp_file
cp temp_file protected_file
(Note: don't use this example directly. If the temp_file can somehow be replaced by another user, as might be the case if it's kept in a
temporary directory, there will be a race condition in the time between editing the temporary file and copying it back to the protected
file.)
AUTHOR
Will Deich
local SETUID(1)
Check Out this Related Man Page
SETUID(2) Linux Programmer's Manual SETUID(2)NAME
setuid - set user identity
SYNOPSIS
#include <sys/types.h>
#include <unistd.h>
int setuid(uid_t uid);
DESCRIPTION
setuid sets the effective user ID of the current process. If the effective userid of the caller is root, the real and saved user ID's are
also set.
Under Linux, setuid is implemented like the POSIX version with the _POSIX_SAVED_IDS feature. This allows a setuid (other than root) pro-
gram to drop all of its user privileges, do some un-privileged work, and then re-engage the original effective user ID in a secure manner.
If the user is root or the program is setuid root, special care must be taken. The setuid function checks the effective uid of the caller
and if it is the superuser, all process related user ID's are set to uid. After this has occurred, it is impossible for the program to
regain root privileges.
Thus, a setuid-root program wishing to temporarily drop root privileges, assume the identity of a non-root user, and then regain root priv-
ileges afterwards cannot use setuid. You can accomplish this with the (non-POSIX, BSD) call seteuid.
RETURN VALUE
On success, zero is returned. On error, -1 is returned, and errno is set appropriately.
ERRORS
EPERM The user is not the super-user, and uid does not match the real or saved user ID of the calling process.
CONFORMING TO
SVr4, SVID, POSIX.1. Not quite compatible with the 4.4BSD call, which sets all of the real, saved, and effective user IDs. SVr4 documents
an additional EINVAL error condition.
LINUX-SPECIFIC REMARKS
Linux has the concept of filesystem user ID, normally equal to the effective user ID. The setuid call also sets the filesystem user ID of
the current process. See setfsuid(2).
If uid is different from the old effective uid, the process will be forbidden from leaving core dumps.
SEE ALSO getuid(2), setreuid(2), seteuid(2), setfsuid(2)Linux 1.1.36 1994-07-29 SETUID(2)
Hello there.
I'm trying do make a script capable of verifying if a given script is running at the moment in the environment, and if does, forbid it to execute.
So, I've coded this so far:
#!/bin/ksh
set CUR_SHELL="/bin/ksh"
set V1="VAR1"
set V2="VAR2"
ps -e -o args | grep "$CUR_SHELL... (16 Replies)
Hi all, i hope i got this in the right place, what i am trying to do is make a program only run by root, ie
for instance user fred is logged in and uses firefox, what id like to do is change that so that when fred wants to use firefox he will be asked to enter root password before he is allowed to... (14 Replies)
When my script is run, it will ask the user to enter some text and the user should be restricted not to enter more than 50 chars. Is there any command which I can use with "read" command? Help me please (18 Replies)
Hi All,
I have some requirement. i dont know if we can write some shell script to fulfill the requirement. Here is my requirement...
I have some files under /var/opt/abc/xyz like below.
-rw-r--r-- 1 root root 789222 Aug 14 11:03 big.sh
-rw-r--r-- 1 root root 789222 Aug 14 11:03 big.txt... (25 Replies)
hi all,
i need to capture all the files in a directory and its subdirectories that have owner name different than the root owner.
for one file it is " stat -c %U filename " but i need to search for each and every file and record it.
thanks in advance (14 Replies)
Hi,
I have a file with format
a b c d e
1 1 2 2 2
1 2 2 2 3
1 1 1 1 2
1 1 1 1 4
1 1 1 1 6
in column e i want to find all similar fields ( with perl script )and sum it how many are there
for instance in format above.
2 - 2 times
4 - 1 time
6 - 1 time
what i use is
... (14 Replies)
Hi,
I am using the korn shell script to check the particular process is running or not in Soloris.But this script started in my login and if I give ps -ef | grep 'pname' it is showing the user as root.I am not using any where the root login access.It is miserable why the root login is coming. (19 Replies)
I need an if code in shell script where it should continue to further commands after succesfully installing the executable file.
i.e. /run installer is continuing but in the middle it executes further commands like "cp /root/user which were given after /run installer.
I want /runinstaller... (16 Replies)
Hi everyone, I have an issue with a project of mine. I have to run a program on a terminal which requires to be logged in as su to have it run it. Given that I'm having problem to use expect to give the password I'd like to change the privilege of that program from SU to normal user ( I have the SU... (13 Replies)
Hi All
I have a ksh script, which is run as the root user. At some point in the script, it needs to check for the user that is running the script. ( The real user that su to root). This is on a sol 8 server, but it displays the user as root instead of my username.
root@host-1 # who am i |... (19 Replies)
Hello all, I am trying to create a script or a .command file that will run for me and my other techs on many, many Mac OSX computers that will add a file to the /etc/ folder called /etc/launchd.conf
Every time I try to run the script, I get "Permission Denied" when trying to put the file into... (13 Replies)
Hi,
I have the following 3 test files to test setuid bit which if it works I would like to implement in our application. However setuid doesnot seem to be having any impact on my test below.Following are the 3 files of interest in /tmp/ folder.
$ ls -ltr *env*
-rw------- 1 g332008 users 6... (23 Replies)
RHEL 6.2/Bash shell
root user will be executing the below script. It switches to oracle user and expect to do the following things
A. Source the environment variables for BATGPRD Database (the file used for sourcing is shown below after the script)
B. Shutdown the DB from sqlplus -- The... (13 Replies)
Hi,
I find there is some customized linux with application.
When I use login account root and type the password.
It is not allow to login.
But if I login with specified user and password.
Then I use command "su - " and type root passwd.
It allow you to switch to "root" account .
Or if i... (14 Replies)
Hi All, my script.sh has the below lines, and i need to run the script as root or wam. please tell me if this will work
#!/bin/bash
sudo -t wam /usr/local/wam/stopwam -r ------- this needs run as wam user
/usr/local/web/stopweb -a --- this needs to run as... (18 Replies)