Need to call chroot under normal unprevileged user !!
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Need to call chroot under normal unprevileged user !!
Its been two days over, after my search started . But I didn't find answer any where ?. I need to call chroot as part of normal user, but to my surprise it can only be called by SUper user with CAP_SYS_CHROOT capabilities. I am not sure how to add this capability to my user . Please help me in solving my situation.
I believe that if you add your normal user to the 'root' group you can accomplish what you're after. This can be done from a command line, or through the Users and Group Manager provided by your distro.
Its been two days over, after my search started . But I didn't find answer any where ?. I need to call chroot as part of normal user, but to my surprise it can only be called by SUper user with CAP_SYS_CHROOT capabilities. I am not sure how to add this capability to my user . Please help me in solving my situation.
Why on earth do you "need" to do that? Your system is configured that way for good reason, my advice would be to leave it as it is.
You haven't said what distro you are using. If sudo is not installed then you won't be able to use the 2nd poster's suggestion until it is installed. You can still use su to become root. If you install or have sudo, then you can use visudo (and nothing else!) to edit the /etc/sudoers file to give normal user sudo privileges eg:
Code:
gazolinia ALL=(ALL) ALL
Adding NOPASSWD to this line will, I think, give you what you asked for, but I haven't tried it as I can see no good reason to do so.
I've never done before what I described (not advised) because I know the powers of root. Given what gazolinia asked for, this is the only solution I can think of. I agree that it is not a prudent way to go and should have cautioned him/her. but since I'm new to LQ, I'm not sure how much info to include in a response.
Thank you for indicating that I overstepped.
Cheers. Lou
Last edited by LouRobytes; 03-24-2010 at 05:30 PM.
Reason: clarification
Great thanks for your immediate response. Here I am not calling chroot in command line, if so I might have tried suid binary .But I call chroot() method from a perl script . This perl script needs to run under normal user . Currently the point where I stand is I must run the perl script under un previleged user, but it should do chroot. Seems little wierd right , but this is what my application requires now . Adding capablility CAP_SYS_CHROOT to the normal user I guess must solve my requirement, this is what man page of chroot says. But I am not sure how to add this capablity to my user.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.