(automatic) excution of a program in /usr/sbin as normal user
Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: openSuSE Tumbleweed-KDE, Mint 21, MX-21, Manjaro
Posts: 4,629
Rep:
(automatic) excution of a program in /usr/sbin as normal user
I have /usr/sbin/powertop (to minimize power consumption on my netbook) which I want to run automatically late during boot. It has set "-rwxr-xr-x". So I assumed "others" having set their "r-x" (e.g. users like me) can execute it. But I get the message:
Quote:
"Absolute path to 'powertop' is '/usr/sbin/powertop', so running it may require superuser privileges (e.g. root)."
I know that I could add /usr/sbin to my $PATH to get rid of that but I don't want to open that much access to normal users.
Any ideas what is causing this and how to change it without creating security holes? TIA.
Notice the word 'may' in the msg; its just a warning.
Depending on how you call it, you may be able to suppress it.
If you add it to the startup routines, worst case its just one extra msg amongst many, unless you reboot a lot(!)
Distribution: openSuSE Tumbleweed-KDE, Mint 21, MX-21, Manjaro
Posts: 4,629
Original Poster
Rep:
Well, no, it is not only a warning, since I'm thrown back to the prompt. "powertop" has a user interface which should otherwise be shown on the screen (sorry, I mixed two scenarios so as not to flood the forum with stupid questions).
The boot process is run by root, so if its in there, you shouldn't get a problem unless you're trying to run it as someone else.
If you want to run it as someone who is not root, try setting suid (as root) on the file.
Code:
chmod u+s /usr/sbin/powertop
This causes it to run as root, regardless of who calls it, eg see /usr/bin/passwd.
static void checkroot() {
int uid;
uid = getuid();
if (uid != 0) {
printf(_("PowerTOP " POWERTOP_VERSION " must be run with root privileges.\n"));
printf(_("exiting...\n"));
exit(EXIT_FAILURE);
}
}
Distribution: openSuSE Tumbleweed-KDE, Mint 21, MX-21, Manjaro
Posts: 4,629
Original Poster
Rep:
Quote:
Originally Posted by 273
...it's hard coded into powertop to check that the user running it is root...
Darn. That means when I use my netbook as normal user I have to "su" to root to set the proper power settings. That's bloody inconvenient . Or do any of you have a different solution?
At least in post #9 the msg says 'must' be run as root; that's much clearer.
Wonder why OP gets a different msg; different version perhaps?
Maybe you should contact the author.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by chrism01
At least in post #9 the msg says 'must' be run as root; that's much clearer.
Wonder why OP gets a different msg; different version perhaps?
Maybe you should contact the author.
You make a very good point. The message about the absolute path doesn't seem to be in the listing I linked to and looks like it may even be a system message. Perhaps that means that the sticky bit is working and it's something else?
Distribution: openSuSE Tumbleweed-KDE, Mint 21, MX-21, Manjaro
Posts: 4,629
Original Poster
Rep:
Quote:
Originally Posted by 273
...The message about the absolute path doesn't seem to be in the listing I linked to and looks like it may even be a system message. Perhaps that means that the sticky bit is working and it's something else?
That's why I mentioned PAM, but with that I'm entirely out of my depth. I'll try your askubuntu link and come back later.
Distribution: openSuSE Tumbleweed-KDE, Mint 21, MX-21, Manjaro
Posts: 4,629
Original Poster
Rep:
Well, that opened a whole new can of worms .
I had (in part) already incorporated the procedure from your link, 273. I completed it now and thus have a script with all the desired commands. In principle I don't need to run "powertop" anymore, though I'd still like to know, whether these restrictions can be circumvented. Anyways.
The normal user (myself) can run that script and it resides in KDE's Autostart directory. But it doesn't work . In the most cases access to the /proc and /sys directories (rather their subdirectories) is denied. Also commands like "hdparm", "ethtool" and "iw" are not found. When I "su" too root and run that script I get no error and everything is set as desired. So I'm back to step one.
The same (i.e. nothing) happens, when I incorporate the commands from the script in the user's ".profile" or ".bashrc" files.
Btw. chrism01, I checked with wikipedia, it says that most distributions disable the suid bit of script for security reasons.
You also wrote that the init process is run by root. Thus I copied the script to /etc/init.d and created links at rc3.d and rc5.d. And lo and behold -- the script works as desired -- but only when I log in as root, and not so when I'm the normal user, even though "chkconfig" and YAST's runlevel editor show that the script is active and running.
Seems that "systemd" is not always running as root?!? I don't understand this at all...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.