rewrite command, how to?

microsmart · 09-27-2005, 10:54 PM

Hi all
For example: I want my "su" command works only with user: "microsmart", so I am going to recompile its source code, but I donno where its source code is. Is it in /usr/src?? Nothing there in my Fedora.
Could anyone help me to rewrite source code of commands and recompile them.
Thank you very much.

flower.Hercules · 09-27-2005, 11:22 PM

You could just change the permission on the link in /bin, seems a lot easier than editing source code, in my opinion. You could also rename the su command to something obscure like linux_command_111 and edit your ~/.bashrc file adding the line

alias su="linux_command_111"

There are quiet a few options like this that are much quicker than changing the source code of a file. Also, just something to keep in mind, a person could bypass this by dropping out of X and loging in as root.

cs-cam · 09-28-2005, 02:31 AM

The su command is only accessible to users in the wheel group. just boot everybody out of that group except microsmart.

microsmart · 09-28-2005, 05:08 AM

Thank you very much! Maybe It's better to do like that.

foo_bar_foo · 09-28-2005, 09:44 PM

come on man don't let them discourage you
su is part of the shadow package
compare that su.c you find there with this original sysV su.c

Code:

#include <stdio.h>
#include <pwd.h>

struct	passwd *pwd,*getpwnam();
char	*crypt();
char	*getpass();
char	**environ;

main(argc,argv)
int	argc;
char	**argv;
{
	register char **p;
	char *nptr;
	char *password;
	int badsw = 0;
	char *shell = "/bin/sh";

	if(argc > 1)
		nptr = argv[1];
	else
		nptr = "root";
	if((pwd=getpwnam(nptr)) == NULL) {
		printf("Unknown id: %s\n",nptr);
		exit(1);
	}
	if(pwd->pw_passwd[0] == '\0' || getuid() == 0)
		goto ok;
	password = getpass("Password:");
	if(badsw || (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0)) {
		printf("Sorry\n");
		exit(2);
	}

ok:
	endpwent();
	setgid(pwd->pw_gid);
	setuid(pwd->pw_uid);
	if (pwd->pw_shell && *pwd->pw_shell)
		shell = pwd->pw_shell;
	for (p=environ; *p; p++) {
		if (strncmp("PS1=", *p, 4) == 0) {
			*p = "PS1=# ";
			break;
		}
	}
	execl(shell, "su", 0);
	printf("No shell\n");
	exit(3);
}

it compiles with
gcc -o su su.c -L -lc -lcrypt

of course it won't work now but it's a better place to start learning than the more modern one.

flower.Hercules · 09-28-2005, 11:20 PM

Wait, wait, wait...this is too good to pass up.

Wouldn't this be considered re-inventing the wheel

Sorry for the disturbance, but it really is true and the saying is quite fitting. It would be like writing a shell script to print the contents of a directory without the use of ls. I certainly wouldn't want to discourage someone from dabbling with source code and learning how things work, that is great, but if he just wants to limit who can use su, the solution is apparently simple.

foo_bar_foo · 09-29-2005, 02:10 AM

sorry -- sounded like to me he was just "tinkering"
he said "For example:"
there was a young guy once when i was in school who took a teletype machine home during the summer to tinker in his garage. his name was Bill Gates. He must have gotten something more out of it than just better system security. Most of us didn't know how to keep others out of our home directory so security was a big rubber band on a shoe box of rolled up ticker tape. Some of the guys had figured out how to "see" what was on the tape by looking at the hole patterns. Sometimes the wheel needs to be reinvented.
Computers in 30 years shouldn't any more be like computers of today than jets are like
hoarse and buggy. If they are then somethings wrong.

flower.Hercules · 09-29-2005, 07:12 AM

Quote:

sorry -- sounded like to me he was just "tinkering"
he said "For example:"

You are right, my mistake; I guess he did just want to tinker around with commands.

Also a nice story, although, it would have been better if it was a tale of Linus or Stallman or some other OSS pioneer

But now this is just way off-topic :/

foo_bar_foo · 09-29-2005, 12:02 PM

there were some unix creators who fit into that story just as well or better.
shortly after that people in universities began to improve on those old building sized ibm mainframes by putting Unix on them.

you know really that object oriented analogy of the "wheel" also just has to be a bit overused.
i mean isn't the "su" tool really a bit more like a turn signal or the cup holder something.
the wheel implies some kind of core get up and moving kind of component.
perhaps the kernel or the filesystem or the laguage and compiler is the wheel.
or better yet seperate components of the wheel
but that need reenventing or at least redisigning.
come to think of it a jet may be better off without a wheel altogether.

flower.Hercules · 09-29-2005, 03:21 PM

The solution was given to remove everybody from the wheel group, hence the analogy.