[luau] daemons running as root

cpaul at telemetrybox.org cpaul at telemetrybox.org
Tue Feb 11 15:14:01 PST 2003 

Here is a python script I wrote to change user ids for daemons:

#####

#!/usr/bin/env python
import os,pwd
from sys import argv

def c_uid(u):
	try:
		uid = int(u)
		os.setuid(uid)
	except ValueError:
		uid = pwd.getpwnam(u)[2]
		os.setuid(uid)
		
def c_dir(dir,chroot=0):
	os.chdir(dir)
	if chroot != 0 :
		os.chroot(dir)

if __name__ == "__main__":
	if len(argv) < 4:
		print "Usage: %s user directory command" % (argv[0])
	else:
		c_dir(argv[2])
		c_uid(argv[1])
		pid = os.spawnvpe(os.P_NOWAIT, argv[3], argv[3:], os.environ)
		print "%s running with pid: %s" % (argv[3], pid)


###

setuid(), chdir() and chroot() in the system should help too (for C)


peace,
charles


On Tue, Feb 11, 2003 at 01:31:49PM -1000, Brian Chee wrote:
> Actually I second that motion.....my wish is a way to start a program during
> boot (daemon) but run as a dedicated user (kinda like nobody) so that I can
> limit possible damage.  chroot comes to mind, but how to I get the program
> as a different user?
> 
> /brian chee
> 
> University of Hawaii ICS Dept
> Advanced Network Computing Lab
> 1680 East West Road, POST rm 311
> Honolulu, HI  96822
> 808-956-5797 voice, 808-956-5175 fax
> 
> ----- Original Message -----
> From: <tburns at despammed.com>
> To: <luau at videl.ics.hawaii.edu>
> Sent: Tuesday, February 11, 2003 1:13 PM
> Subject: [luau] daemons running as root
> 
> 
> > How does one get daemons to run as a user other than root?
> >
> > I tried using:
> >
> > su <username> -c <invoke daemon>
> >
> > but it doesn't seem to work. Are the daemons supposed to change their own
> privilege level?
> >
> > One problem is that the system I'm actually trying to fix is running IRIX,
> not linux. But there's usually enough common ground that I can figure out
> what will work on one from finding out what works on the other. Maybe not in
> this case.
> >
> > Dazed Dave
> > _______________________________________________
> > LUAU mailing list
> > LUAU at videl.ics.hawaii.edu
> > http://videl.ics.hawaii.edu/mailman/listinfo/luau
> 
> _______________________________________________
> LUAU mailing list
> LUAU at videl.ics.hawaii.edu
> http://videl.ics.hawaii.edu/mailman/listinfo/luau

More information about the LUAU mailing list