Thread: Execute shell command from other user

  1. #1
    Registered User
    Join Date
    Aug 2009
    Posts
    8

    Execute shell command from other user

    I want to execute shell command by user with uid 501. I run this application by root. I wrote:
    Code:
    #include <iostream>
    using namespace std;
    #include <stdlib.h>
    #include <sys/types.h>
    #include <unistd.h>
    #include <stdio.h>
    
    
    int main() {
    	
    //cout<<"started as uid="<<getuid()<<", pid="<<getpid()<<endl;
    	
            pid_t result = fork();
    
    	if (result==-1) {cout<<"error fork()"<<endl;
    	return 1;} else cout<<"fork()="<<result<<endl;
    
    	if(result==0){
    	int status=setuid(501);
    	
    //cout<<"child print setuid()="<<status<<endl;
    
    	if(status>0)
    	{
    
    //cout<<"child uid="<<getuid()<<endl;
    //cout<<"child pid="<<getpid()<<endl;
    
    sleep(20);
    
    
    system("date >/media/disk/log");
    system("whoami >/media/disk/log");
    
    
    	}} else if(result!=0){
    		
    //cout<<"parent uid="<<getuid()<<endl;
    //cout<<"parent pid="<<getpid()<<endl;}
    
    	return 0;
    }
    but /media/disk/log is empty.

  2. #2
    spurious conceit MK27's Avatar
    Join Date
    Jul 2008
    Location
    segmentation fault
    Posts
    8,300
    move to C++
    C programming resources:
    GNU C Function and Macro Index -- glibc reference manual
    The C Book -- nice online learner guide
    Current ISO draft standard
    CCAN -- new CPAN like open source library repository
    3 (different) GNU debugger tutorials: #1 -- #2 -- #3
    cpwiki -- our wiki on sourceforge

  3. #3
    and the Hat of Guessing tabstop's Avatar
    Join Date
    Nov 2007
    Posts
    14,336
    While we wait for the move to C++, I will ask: do you get any error messages on the console? Does the user have privileges to write to /media/disk/log? Are you aware that using > as redirect will delete any previous contents of the file, meaning you'll never see the date?

  4. #4
    and the hat of int overfl Salem's Avatar
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,660
    Such a short program, yet somehow unreadable.
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.

  5. #5
    Ex scientia vera
    Join Date
    Sep 2007
    Posts
    477
    Quote Originally Posted by Salem View Post
    Such a short program, yet somehow unreadable.

    I guess that's an achievement in itself.
    "What's up, Doc?"
    "'Up' is a relative concept. It has no intrinsic value."

  6. #6
    Registered User
    Join Date
    Aug 2009
    Posts
    8
    Excuse for unreadable.

    While we wait for the move to C++, I will ask: do you get any error messages on the console? Does the user have privileges to write to /media/disk/log? Are you aware that using > as redirect will delete any previous contents of the file, meaning you'll never see the date?
    Code:
    [andrew@COR disk]$ ls -l
    -rwxrwxrwx.   1 root   root          6 Авг 23 18:37 log
    I know that > will delete any previous contents of the file.
    Before:
    Code:
    [andrew@COR disk]$ cat log
    empty file
    After:
    Code:
    [root@COR Release]# ./ssetu
    started as uid=0, pid=8859
    fork()=0
    child print setuid()=0
    fork()=8860
    parent uid=0
    parent pid=8859
    [root@COR Release]# cat /media/disk/log
    empty file
    My attempt to make a code more readable:

    Code:
    #include <iostream>
    using namespace std;
    #include <stdlib.h>
    #include <sys/types.h>
    #include <unistd.h>
    #include <stdio.h>
    
    
    int main() {
    	
            pid_t result = fork();
    
    	if (result==-1)   {
                 cout<<"error fork()"<<endl;
    	     return 1;
            
             } else 
                 cout<<"fork()="<<result<<endl;
    
    	if (result==0){
    	       int status=setuid(501);
    	
      	       if (status>0){
                              sleep(20);
                              system("date >/media/disk/log");
                    }
    
             } 
    	return 0;
    }

  7. #7
    and the Hat of Guessing tabstop's Avatar
    Join Date
    Nov 2007
    Posts
    14,336
    If you take away the redirect, do you get any output?

  8. #8
    Registered User
    Join Date
    Aug 2009
    Posts
    8
    Quote Originally Posted by tabstop View Post
    If you take away the redirect, do you get any output?
    no, if i run by root or by user with uid=501 i get nothing.
    by root:
    Code:
    [root@COR Release]# ./ssetu
    started as uid=0, pid=9571
    fork()=9572
    parent uid=0
    parent pid=9571
    fork()=0
    child print setuid()=0
    by uid=501:
    Code:
    [andrew@COR disk]$ ./ssetu
    started as uid=501, pid=9601
    fork()=9602
    parent uid=501
    parent pid=9601
    fork()=0
    child print setuid()=0
    by other user:
    Code:
    [up@COR disk]$ ./ssetu
    started as uid=500, pid=9537
    fork()=9538
    parent uid=500
    parent pid=9537
    fork()=0
    child print setuid()=-1
    Last edited by LuckyStr; 08-23-2009 at 04:11 PM.

  9. #9
    and the Hat of Guessing tabstop's Avatar
    Join Date
    Nov 2007
    Posts
    14,336
    So ... that would be why your file is empty. Can you type "date" or "whoami" at the terminal? Does uid 501 not have a name that whoami doesn't print?

  10. #10
    Officially An Architect brewbuck's Avatar
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,396
    Here's my implementation:

    Code:
    sudo -u \#501 command
    Code:
    //try
    //{
    	if (a) do { f( b); } while(1);
    	else   do { f(!b); } while(1);
    //}

  11. #11
    Registered User
    Join Date
    Aug 2009
    Posts
    8
    Quote Originally Posted by tabstop View Post
    So ... that would be why your file is empty. Can you type "date" or "whoami" at the terminal? Does uid 501 not have a name that whoami doesn't print?
    Code:
    [andrew@COR up]$ id
    uid=501(andrew) gid=501(andrew) группы=500(up),501(andrew),502(vboxusers) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
    [andrew@COR up]$ whoami
    andrew
    [andrew@COR up]$ date
    Пнд Авг 24 16:44:30 EEST 2009
    [andrew@COR up]$

  12. #12
    Registered User
    Join Date
    Oct 2008
    Posts
    1,262
    What if you execute
    date >/media/disk/log
    as user andrew?

    Or try to use the full path to date, as the $PATH environment variable might be not set.

  13. #13
    Registered User
    Join Date
    Aug 2009
    Posts
    8
    Thank's all, but my mistake was that i check wrong value: if setuid() finished successfully it return 0.

    Code:
    #include <iostream>
    using namespace std;
    #include <stdlib.h>
    #include <sys/types.h>
    #include <unistd.h>
    #include <stdio.h>
    
    
    int main() {
    	
            pid_t result = fork();
    
    	if (result==-1)   {
                 cout<<"error fork()"<<endl;
    	     return 1;
            
             } else 
                 cout<<"fork()="<<result<<endl;
    
    	if (result==0){
    	       int status=setuid(501);
    	
      	       if (status==0){
                              sleep(20);
                              system("date >/media/disk/log");
                    }
    
             } 
    	return 0;
    }

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Need help managing user input
    By JayDiddums10 in forum C Programming
    Replies: 2
    Last Post: 11-19-2006, 05:01 PM
  2. Execute Command from C fcn in DLL
    By karcheee in forum Windows Programming
    Replies: 2
    Last Post: 07-27-2005, 03:42 PM
  3. Program to execute shell commands.
    By LiquidLithium in forum C++ Programming
    Replies: 6
    Last Post: 09-01-2004, 12:22 PM
  4. Shell execute... but piping
    By nickname_changed in forum C++ Programming
    Replies: 2
    Last Post: 05-21-2003, 07:39 AM