If I have a script that does some root actions called /sbin/root_stuff and I wanted user bob to have this script run as his shell when he logs in via SSH, I know I can set his shell to a script that runs sudo /sbin/root_stuff and then edit sudoers to allow this without a password for user bob. Shell scripts don't support SetUID root as far as I know. Are there any other supported methods and/or best practices to accomplish this type of thing without using sudo? Linux kernel 2.6 or higher with Bash 4.x.

  • Can you chroot him? – mikeserv Mar 15 '14 at 18:08
  • Alternatively you could mount --bind /dev/null over stuff he shouldn't touch - including mount. – mikeserv Mar 15 '14 at 18:16
  • What kind of stuff? There may be specific solutions for the specific actions. – terdon Mar 15 '14 at 19:11
  • You typically see actual executables that are SUID or Perl scripts. Perl scripts can be made to run SUID. Can you explain what you're actually hoping to run as SUID? That might help us answer your question(s) better. – slm Mar 15 '14 at 21:38
  • As an example: Permissions for a submission script. You can read more about it: perlsec – slm Mar 15 '14 at 21:40
  • Sudo is the right answer. Why are you looking for something else? – Gilles 'SO- stop being evil' Mar 15 '14 at 23:45
  • I want the script to be the login script for this user. The action of the script is to delete some specific web pages from a production web server when they become irrelevant. The user is not allowed to access the filesystem, so this script was created to automate the removal of pages he specifies without giving filesystem access. Currently the login shell is set to a script which calls the actual script with sudo scriptname, and the user is allowed to run only this script with sudo and no password. Perhaps sudo is the only solution, but I don't like calling one script from another for this – Gregg Leventhal Mar 16 '14 at 01:56
  • @Gilles What is the best practice for making a script which runs under sudo, the login shell for a user? Would you make the login shell a script that just does sudo script2 and have script2 be the actual script? – Gregg Leventhal Mar 16 '14 at 15:02
  • @GreggLeventhal What you're doing seems like a valid approach to me. – Gilles 'SO- stop being evil' Mar 16 '14 at 15:04
  • @mikeserv This version of Openssl doesn't have the chroot directory directive in sshd_config. – Gregg Leventhal Mar 16 '14 at 15:48
  • You could mount --share only the directory you want the user to see into his home or something, but probably what you're already doing is fine. I don't much like sharing computers for just these reasons and I wouldn't feel competent enough to hazard an answer to this question with any degree of certainty. I guess what I'm saying is - grain of salt. – mikeserv Mar 17 '14 at 04:09

1 Answer

Most Linux distributions disallow scripts (started by #!, shebang) running SUID/SGID (even when the bits are set), as it is much too easy to break into them, or to fool the interpreter into running something else.

vonbrand
  • Where is this functionality implemented? Is it in the Bash interpreter/shell code or a trap of some sort in the fork or exec calls, or something else? – Gregg Leventhal Mar 16 '14 at 15:04
  • You might find the answer to that question in @Stephane Chazelas's answer here: http://unix.stackexchange.com/a/119991/52934 – mikeserv Mar 17 '14 at 06:57
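
The setup discussed in this thread has a root-side script, started through sudo from the user's login shell, deleting pages that the user names. The following is an added example, not code from the thread, of how such a script can validate a user-supplied page name before removing anything as root. The function names, the `.html` suffix rule and the document-root argument are assumptions.

```shell
# Added example, not code from the thread. Function names and the
# document-root argument are hypothetical; the caller is assumed to be the
# root-side script started via sudo from the user's login shell.

# Accept only a bare page name such as "promo-2014.html".
safe_page_name() {
    case $1 in
        ''|.*|-*)            return 1 ;;  # empty, dotfile or "..", option-like
        */*)                 return 1 ;;  # any path separator
        *[!A-Za-z0-9._-]*)   return 1 ;;  # anything outside the allow-list
        *.html)              return 0 ;;
        *)                   return 1 ;;
    esac
}

# resolve_page DOCROOT NAME: print the absolute path of NAME inside DOCROOT,
# or fail if the name is unsafe or the target is not a plain file.
resolve_page() {
    safe_page_name "$2" || return 1
    root=$(cd -- "$1" 2>/dev/null && pwd -P) || return 1
    target=$root/$2
    [ -f "$target" ] || return 1    # must exist as a regular file
    [ ! -L "$target" ] || return 1  # refuse symlinks that point elsewhere
    printf '%s\n' "$target"
}

# remove_page DOCROOT NAME: delete one validated page; "--" ends rm options.
remove_page() {
    path=$(resolve_page "$1" "$2") || { echo "refused: $2" >&2; return 1; }
    rm -f -- "$path"
}
```

In the real script the document root would be a fixed constant rather than anything taken from the environment or from the user.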