LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-11-2011, 06:13 PM   #1
fifthfiend
LQ Newbie
 
Registered: Apr 2011
Posts: 1

Rep: Reputation: 0
Java / applying elevated permissions when running a particular .jar file


Fairly new to running a Linux server. Trying to find an answer to this problem regarding user permissions:

I have user A who owns a .jar file
I have user B. who needs to run the .jar file
I have Java which is owned by root.

I would like to work out whether/how user B can run the .jar file, in Java, with the permissions of user A.

As I understand it, a running process in Linux typically takes the permissions of the user who executes it. However, the way I'd like to configure user B, the permissions I want them to have wouldn't be sufficient for the process to successfully run.

I know you can also set a process to take the permissions of the owner of that process, but in this case the actual... executing process would be Java, which runs the .jar file, and I def. don't need this, let alone every single instance of Java on my server, to execute with root priviledges.

So like I said, basically I am trying to work out how to let user B run this specific process with the process elevated to this set of priviledges which user B otherwise does not have.

If anyone can help me out - or for that matter, otherwise point out any errors in my understanding of how Linux/Java work, I'd really appreciate it.



As far as the why of all of this: I recently started running a Minecraft server for myself and some friends and am running it via Linux. I'd like to set things up so that a friend of mine can, as needed, telnet into the server and restart Minecraft as needed, as well as a couple of other things, without giving this friend the same access rights I've given myself to the same files.

The minecraft server process runs in a screen, and I've worked out where screen can be set up so multiple users can get into it. However, if I'm running minecraft under my own user name, then that seems like it will just end up letting my friend, from his account, screen into my own account. SO the brilliant idea I had was, what if I had one user account which only existed to run the server, which both me and my friend could screen into as needed, which wouldn't have any more rights to anything than my friend has with the exception of being able to execute this one .jar in Java.

GRANTED, I could actually probably just give my friend access to everything, he's a pretty good friend I trust not to screw around with things, but part of the point of running the server is actually to make myself expand my knowledge of Linux a bit and forcing myself to work out how to do things the hard way.

As said, any help would be appreciated.

Last edited by fifthfiend; 04-11-2011 at 06:15 PM.
 
Old 04-12-2011, 01:12 AM   #2
themanwhowas
Member
 
Registered: Nov 2005
Distribution: CentOS 5, Fedora 23
Posts: 216

Rep: Reputation: 29
setuid bit in file permissions allow other users to run a file with the same permissions as the owner of that file. log in as root and find the files that you need to run, maybe '/etc/minecraft/server.jar' for example. to set suid, type 'chmod u+s /etc/minecraft/server.jar'. This adds that special permission so anybody can run that file and it will be executed as root. Be careful what you set suid on though. Some things require root only access for a reason and setting suid allows anybody to run things that maybe they shouldn't.

Last edited by themanwhowas; 04-12-2011 at 01:14 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to set mail.jar(JavaMail) and mysql-connector-java.jar in Linux class path Terry56 Linux - Software 3 01-19-2010 09:06 AM
I got error with this command 'java -jar NodeView-v1.1.jar' mohdismiaswaly Linux - Software 3 04-23-2009 06:24 AM
Could not run java after applying stick bit permissions to it. pranav_patil Linux - Software 1 06-14-2008 10:45 AM
Fedora Core 1 Associating .jar files with java -jar command pymehta Fedora 0 01-13-2005 05:26 AM
Installing Java running jar files jariep Red Hat 1 04-12-2004 11:11 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 02:13 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration