HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: setuid, change executive user
Operating System - HP-UX
1834007
Members
2007
Online
110063
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-30-2002 06:46 AM
10-30-2002 06:46 AM
setuid, change executive user
To change the executive user of my process to the user P_userName, I perform in the source file :
struct passwd *L_passwd = getpwnam(P_userName);
setuid(L_passwd->pw_uid);
The users on my system are (see attachement for details) : root:sms, smsdba:sms, sms_26:sms, smsop:sms.
Below the result of setuid function :
root:sms to smsdba:sms
-> OK (setuid returns 0)
smsop:sms to sms_26:sms
-> NOK (setuid returns -1)
errno set to EPERM
smsdba:sms -> sms_26:sms
-> NOK (setuid returns -1)
errno set to EPERM
The same behavior as far as current user is not root.
Why the executive user change does not work when initial user is not root ?
How to change the effective execution user to sms_26 if the process is launched by smsop from command line ?
See attached files : swlist, /etc/passwd appended
Thank you in advance
Best regards.
Alain
struct passwd *L_passwd = getpwnam(P_userName);
setuid(L_passwd->pw_uid);
The users on my system are (see attachement for details) : root:sms, smsdba:sms, sms_26:sms, smsop:sms.
Below the result of setuid function :
root:sms to smsdba:sms
-> OK (setuid returns 0)
smsop:sms to sms_26:sms
-> NOK (setuid returns -1)
errno set to EPERM
smsdba:sms -> sms_26:sms
-> NOK (setuid returns -1)
errno set to EPERM
The same behavior as far as current user is not root.
Why the executive user change does not work when initial user is not root ?
How to change the effective execution user to sms_26 if the process is launched by smsop from command line ?
See attached files : swlist, /etc/passwd appended
Thank you in advance
Best regards.
Alain
Alain Szalajski
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-30-2002 07:09 AM
10-30-2002 07:09 AM
Re: setuid, change executive user
If you want this to work, for example to set the uid of sms to that of sms_26, you must
first do a chown sms_26 myprog
anfd then set the setuid bit of the executable via chmod 4755 myprog. Then the setuid will work. You also have the option of using the setprivgrp command to grant PRIV_SETRUGID to certain users. Man 1m setprivgrp for details.
first do a chown sms_26 myprog
anfd then set the setuid bit of the executable via chmod 4755 myprog. Then the setuid will work. You also have the option of using the setprivgrp command to grant PRIV_SETRUGID to certain users. Man 1m setprivgrp for details.
If it ain't broke, I can fix that.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-30-2002 07:37 AM
10-30-2002 07:37 AM
Re: setuid, change executive user
Thanks a lot.
Alain Szalajski
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-30-2002 07:47 AM
10-30-2002 07:47 AM
Re: setuid, change executive user
You should do a ls -l of your executable to make sure that the setuid bit is set.
It should look something like this:
-rwsr-xr-x 1 sms_26 smsgrp ... ... myprog
There is also a setgid bit (2000 octal) that has the equivalent role for groups should you need to also do a setgid() call.
If there were no such facility then anyone could become anyone else via the setuid() system call - not a very secure world.
It should look something like this:
-rwsr-xr-x 1 sms_26 smsgrp ... ... myprog
There is also a setgid bit (2000 octal) that has the equivalent role for groups should you need to also do a setgid() call.
If there were no such facility then anyone could become anyone else via the setuid() system call - not a very secure world.
If it ain't broke, I can fix that.
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP