0

In general, does a user have to log in to run a process and become its owner (ruid, or euid)? Does this apply to any user or any non-root user? For example:

  • In the boot sequence of Linux, the kernel starts the init system as the first process, and then the init process runs login so that each user can login. The init process is owned by root, and does the user root have to log in before starting the init process? See Why is there a `systemd` process owned by each user that is logged in?

  • When using ssh to run a command without starting an interactive shell, do we have to log in first or not to run the command?

If I don't need to log in to run a process as its owner, how can I do that?

Thanks.

Tim
  • 101,790
  • When you SSH into a machine, you provide credentials (either by password or public key) to prove that you have adequate access right to the system as the user that you say you are. This constitutes a logging in. As for the first question, do you know the difference between a service account and an account for an interactive user? See e.g. What is the difference between user and service account? – Kusalananda Dec 19 '18 at 13:19
  • Thanks. How can a service user start a process as its owner or become its owner later? – Tim Dec 19 '18 at 14:08
  • What do you mean by "owner" in this context? A process runs under a uid, has a primary gid, a set of secondary gids, potentially a set of capabilities. There is a parent process (which may be init or another process) and there may be some child processes. I'm not sure what you mean by "owner"... – Stephen Harris Dec 19 '18 at 15:04

1 Answers1

3

No, you don’t need to log in to start a process running as a given user. Logging in is a user-space construct; the kernel doesn’t care about that. There are multiple examples of this; for example, cron jobs can run as any user, without that user being logged in.

To address your specific questions:

  • no, root doesn’t need to log in to start the init process, thankfully (imagine handling a fleet of thousands of servers and millions of VMs otherwise);
  • connecting using SSH counts as logging in.
Stephen Kitt
  • 434,908
  • Thanks. If I want run a process as its owner without logging in, how can I do that? Is the only way to call setuid() or seteuid() in the program run by the process? – Tim Dec 19 '18 at 13:39
  • That’s another question. – Stephen Kitt Dec 19 '18 at 13:39
  • Could you explain what you meant by "logging in"? That has led to several other questions. – Tim Dec 21 '18 at 01:34