On Tue, 18 Jun 2002 05:01:10 Simon wrote:
Hi Everyone.... I'm trying to add users from a perl script, the script writes out lines of users to add to the system. Then a system call is made using :
system("/bin/bash","/tmp/Seabed_Users");
In the file Seabed_Users is the following...
adduser -g 45 -s /bin/false -p FtItmgt8G8RJY -d <directory>/username username
When the file is run from the command line as root it works fine, however from the setuid script it doesn't work I get
"adduser: unable to lock password file"
in the error log.. Any ideas
My guess is that root efective uid established by having the perl script setuid is not being passed on to the child process that is started by system().
In C I think the workaround is to call:
setuid(geteuid());
This sets the real and saved uids to the same as the effective uid so from then on the process looks just like one that was run by root rather than one which is setuid (a setuid process has effectice uid set from the file, by real uid and saved uid come from the invoking user).
Hopefully perl will have the equivalent to the C functions above.
Steve.
Steve Fosdick fozzy@pelvoux.demon.co.uk writes:
My guess is that root efective uid established by having the perl script setuid is not being passed on to the child process that is started by system().
It is passed on, but by default bash resets the effective uid to the real uid.
In C I think the workaround is to call:
setuid(geteuid());This sets the real and saved uids to the same as the effective uid so from then on the process looks just like one that was run by root rather than one which is setuid (a setuid process has effectice uid set from the file, by real uid and saved uid come from the invoking user).
Hopefully perl will have the equivalent to the C functions above.
"$< = $>;" should do it. I've never really trusted setuid scripts, Perl or otherwise, though. userv is often a better approach. http://www.chiark.greenend.org.uk/~ian/userv/
-
Richard Kettlewell -
Steve Fosdick