LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Solaris / OpenSolaris (http://www.linuxquestions.org/questions/solaris-opensolaris-20/)
-   -   Process changes effictive UID (http://www.linuxquestions.org/questions/solaris-opensolaris-20/process-changes-effictive-uid-729304/)

mesiol 05-29-2009 08:43 AM

Process changes effictive UID
 
Hye All,

i setup a new Solaris 10 system and installed a java software. When starting the software as normal user, the process became owned by root without any reason.

I have a couple of machines running this software with different Solaris version from 8 to 10 Update 6 and all works well. On all this machines the process is running as non-root user except the new one.

I debugged the shell script starting the process, this one does an explicite check that the user is NOT root starting the process.

It's a little bit strange to me what's going on on the new system.

Some system information:
SUN SPARC M4000 running SunOS dbnode1-2517 5.10 Generic_138888-01 sun4u sparc SUNW,SPARC-Enterprise

All help is welcome.

crisostomo_enrico 05-29-2009 08:46 AM

Well, a little more information would be helpful. Can you tell us which software it is? Can you show us the startup script?

mesiol 05-29-2009 09:32 AM

Hye,

it's a call to start a jar file. The script here:
Code:

    jaifhome=/opt/jaif
    akuser=oracle
    waittime=15
    for i in $jaifhome; do
        if [ $waittime -gt 0 ]; then
            echo "waiting $waittime seconds before starting next JAIF instance"
        fi
        /bin/sleep $waittime
        echo starting JAIF in: $i
        cd $i/system
        if [ $akuser = "root" ]; then
            su - $jaifuser -c "$i/system/startjaif.sh >> $i/system/nohup.out 2>> $i/system/nohup.out"
        else
            $i/system/startjaif.sh >> $i/system/nohup.out 2>> $i/system/nohup.out
        fi
    done

The called script startjaif.sh runs
java -jar $jaifhome/jar/jaif.jar

So it's a real easy construct.

As mentioned in my first post, this all works correct on dozen of other SUN Solaris 10 systems, but not here. So i'm not really sure where this behaviour relies on.

jlliagre 05-29-2009 11:15 AM

You cannot change your uid in (pure) java.

If this really happens, that must have been done by native code and the user account (here oracle) must already have been granted the roles/privileges required to change its own user id.

Alternatively, there might be a unix program called by your java application that has root setuid bit set.


All times are GMT -5. The time now is 06:55 PM.