Need to call chroot under normal unprevileged user !!

gazolinia · 03-24-2010, 04:43 AM

Its been two days over, after my search started . But I didn't find answer any where ?. I need to call chroot as part of normal user, but to my surprise it can only be called by SUper user with CAP_SYS_CHROOT capabilities. I am not sure how to add this capability to my user . Please help me in solving my situation.

rizhun · 03-24-2010, 07:26 AM

Have you tried:

Code:

$ sudo chroot

?

LouRobytes · 03-24-2010, 07:34 AM

I believe that if you add your normal user to the 'root' group you can accomplish what you're after. This can be done from a command line, or through the Users and Group Manager provided by your distro.

Cheers, Lou

unSpawn · 03-24-2010, 04:43 PM

Quote:

Originally Posted by LouRobytes

I believe that if you add your normal user to the 'root' group you can accomplish what you're after.

This is bad advice. OP: please do not do this.

impert · 03-24-2010, 05:20 PM

Quote:

Originally Posted by gazolinia

Its been two days over, after my search started . But I didn't find answer any where ?. I need to call chroot as part of normal user, but to my surprise it can only be called by SUper user with CAP_SYS_CHROOT capabilities. I am not sure how to add this capability to my user . Please help me in solving my situation.

Why on earth do you "need" to do that? Your system is configured that way for good reason, my advice would be to leave it as it is.
You haven't said what distro you are using. If sudo is not installed then you won't be able to use the 2nd poster's suggestion until it is installed. You can still use su to become root. If you install or have sudo, then you can use visudo (and nothing else!) to edit the /etc/sudoers file to give normal user sudo privileges eg:

Code:

gazolinia ALL=(ALL) ALL

Adding NOPASSWD to this line will, I think, give you what you asked for, but I haven't tried it as I can see no good reason to do so.

LouRobytes · 03-24-2010, 05:27 PM

unSpawn,

I've never done before what I described (not advised) because I know the powers of root. Given what gazolinia asked for, this is the only solution I can think of. I agree that it is not a prudent way to go and should have cautioned him/her. but since I'm new to LQ, I'm not sure how much info to include in a response.

Thank you for indicating that I overstepped.

Cheers. Lou

unSpawn · 03-24-2010, 05:39 PM

NP, at least you know and clarified it's not standard procedure, WD.

LouRobytes · 03-24-2010, 07:11 PM

Hate to advertise my ignorance but don't know 'NP' and 'WD'.

Don't yell at me, Lou

win32sux · 03-24-2010, 07:40 PM

Quote:

Originally Posted by LouRobytes

Hate to advertise my ignorance but don't know 'NP' and 'WD'.

Don't yell at me, Lou

No problem; well done.

gazolinia · 03-24-2010, 11:48 PM

Hi,

Great thanks for your immediate response. Here I am not calling chroot in command line, if so I might have tried suid binary .But I call chroot() method from a perl script . This perl script needs to run under normal user . Currently the point where I stand is I must run the perl script under un previleged user, but it should do chroot. Seems little wierd right , but this is what my application requires now . Adding capablility CAP_SYS_CHROOT to the normal user I guess must solve my requirement, this is what man page of chroot says. But I am not sure how to add this capablity to my user.

Hope you got my requirements. Thanks in advance .

Thanks
Jai

unSpawn · 03-29-2010, 05:06 PM

FUP: http://www.linuxforums.org/forum/lin...tml#post770983