LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
LinkBack Search this Thread
Old 12-09-2004, 11:05 AM   #1
Ali79
LQ Newbie
 
Registered: Oct 2004
Posts: 5

Rep: Reputation: 0
sudo changes the owner and the group of some my files and now I can't enter in X


I want to use k3b with my user totoro as root with sudo.
So I changed the file /etc/sudoers n this way:

# Host alias specification

Host_Alias SLACK = slack

# User alias specification

User_Alias TOTORO = totoro

# Cmnd alias specification

Cmnd_Alias MASTERIZZARE = /usr/bin/cdrecord, /opt/kde/bin/k3b

# Defaults specification
# User privilege specification

root ALL=(ALL) ALL
TOTORO SLACK= MASTERIZZARE

# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL) ALL

# Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL

# Samples
# %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users localhost=/sbin/shutdown -h now

if I type sudo /opt/kde/bin/k3b
and the I type my password

k3b works.

but then the folders: .kde .qt and the file .ICEauthority change goup and owner. From totoro.users to root.root
so now I can't enter in X anymore.

I don't understand why. is there something wrog in my sudoers configuration?
 
Old 12-09-2004, 11:51 AM   #2
Tuttle
Senior Member
 
Registered: Jul 2003
Location: Wellington, NZ
Distribution: mainly slackware
Posts: 1,289

Rep: Reputation: 52
Don't run it as root.
You probably need to add the "setuid" bit in the permissions of cdrecord. Do a search if that is your problem. - ie. if you can't burn cds as a normal user
 
Old 12-09-2004, 12:15 PM   #3
Ali79
LQ Newbie
 
Registered: Oct 2004
Posts: 5

Original Poster
Rep: Reputation: 0
what is it setuid?
 
Old 12-09-2004, 12:42 PM   #4
Tuttle
Senior Member
 
Registered: Jul 2003
Location: Wellington, NZ
Distribution: mainly slackware
Posts: 1,289

Rep: Reputation: 52
Open a terminal and type "man setuid"!!
Basically, if you have the "setuid" bit set to 1 in the permissions of any executable file and allow all to run it, no matter who runs that file the process is always owned by the owner of the file.
So if root owns cdrecord and the setuid bit is on then it will always run as root.
to set the setuid bit:
su
[root password]
chmod u+s /usr/bin/cdrecord

see also man chmod

Last edited by Tuttle; 12-09-2004 at 12:47 PM.
 
Old 12-09-2004, 01:51 PM   #5
Ali79
LQ Newbie
 
Registered: Oct 2004
Posts: 5

Original Poster
Rep: Reputation: 0
I readed yes this man, but I dind't understan it. with chmod u+s /usr/bin/cdrecord and /usr/bin/cdrdao k3b works. so thansk!

But setuid allows everybody to use k3b, and I would like only my user can use it.
 
Old 12-10-2004, 01:01 PM   #6
Tuttle
Senior Member
 
Registered: Jul 2003
Location: Wellington, NZ
Distribution: mainly slackware
Posts: 1,289

Rep: Reputation: 52
Quote:
Originally posted by Ali79
But setuid allows everybody to use k3b, and I would like only my user can use it.
To overcome this you could add a new group then only allow root and people in the group to run it:

groupadd -g 110 burning
chgrp burning /usr/bin/cdrecord
chmod 754 /usr/bin/cdrecord

Then edit /etc/group and add your username:

burning::110:[username]

I think there's a command for that but I can't remember.
note: you don't NEED to use the -g option - see man groupadd

Alternatively use the sudo command - see man sudo

As you can tell, it really helps YOU to read the man pages.

*edited for incorrect groupadd command*

edit 2: you still need the setuid bit after doing this

Last edited by Tuttle; 12-10-2004 at 01:39 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
folder owner/group weird curos Slackware - Installation 1 07-18-2005 07:13 AM
Sudo Group CrimsonSparc Linux - Newbie 17 06-14-2005 02:54 AM
group owner etc MI3GTO Mandriva 3 02-27-2005 08:26 PM
How to change owner and group in a directory to include subdir and all files Lakota Linux - General 2 07-15-2004 09:35 AM
Group as owner instead of a user dtournas Linux - General 1 09-11-2003 10:13 AM


All times are GMT -5. The time now is 07:07 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration