I'm currently reading a book on programming with C, I got to a part where I've got to write a program which will display the real uid and effective uid that the file is being executed on. After compiling the code with gcc, I input the command to see the current uOwner and gOwner ls- l id_demo the output is this:
-rwxrwxr-x 1 user user 8629 Sep 21 13:04 id_demo
I then execute the program itself, this is what I get:
real uid: 1000 effective uid: 1000
...so far so good. I then input a command to change the owner of the file:
sudo chown root:root ./id_demo
The ls -l confirms that the owner has been changed to root:
-rwxrwxr-x 1 root root 8629 Sep 21 13:04 id_demo
Again, executing the program shows real uid and uid as 1000. The last step after which the uid must be 0 is this: sudo chmod u+s ./uid_demo but for me they stay as 1000, where in the book the output is clearly show to be this:
real uid: 1000
effective uid: 0
Any ideas why is this happening?
UPDATE
id_demo source code:
#include <stdio.h>
int main ()
{
printf("real uid: %d\n", getuid());
printf("effective uid: %d\n", geteuid());
}
UPDATE 2
Screen shots
PLEASE HELP. I'm going crazy I spent 6+hour looking for the solution and I need to move on.
We've figured it out. The cause is an ecryptfs-mounted home directory. The mount output contains the following line:
/home/evgeny/.Private on /home/evgeny type ecryptfs
That means that the home directory isn't actually part of the root filesystem (that has the necessary suid flag), but its own virtual filesystem that apparently doesn't support setuid binaries by default. I have successfully reproduced the issue with a test user that has an encrypted home directory.
It is possible to add the suid flag to the ecryptfs with the following command:
sudo mount -i -o remount,suid /home/evgeny
I'm not certain though how safe that is, nor how to change it permanently so that it would survive reboots.
This works for me:
compile
$ gcc uid_demo.c -o uid_demo
$ ll
total 12
-rwxrwxr-x 1 saml saml 6743 Sep 21 17:05 uid_demo
-rw-rw-r-- 1 saml saml 116 Sep 21 16:58 uid_demo.c
chown
$ sudo chown root:root uid_demo
$ ll
total 12
-rwxrwxr-x 1 root root 6743 Sep 21 17:05 uid_demo
-rw-rw-r-- 1 saml saml 116 Sep 21 16:58 uid_demo.c
chmod
$ sudo chmod u+s uid_demo
$ ll
total 12
-rwsrwxr-x 1 root root 6743 Sep 21 17:05 uid_demo
-rw-rw-r-- 1 saml saml 116 Sep 21 16:58 uid_demo.c
run
$ ./uid_demo
real uid: 500
effective uid: 0
Related
On my system, /home and /etc have exactly the same permissions:
$ ls -ld /home /etc
drwxr-xr-x 67 root root 4096 Nov 13 15:59 /etc
drwxr-xr-x 3 root root 4096 Oct 18 13:45 /home
However, Postgres can read one, but not the other:
test=# select count(*) from (select pg_ls_dir('/etc')) a;
count
-------
149
(1 row)
test=# select count(*) from (select pg_ls_dir('/home')) a;
ERROR: could not open directory "/home": Permission denied
Even though the user the DB is running as can, in fact, run ls /home:
$ sudo -u postgres ls /home > /dev/null && echo "ls succeeded"
ls succeeded
What is going on?
My postgres version is 11.5, running on Arch Linux.
I figured it out, it is because Arch's bundled postgresql.service file set ProtectHome=true, causing systemd to use Linux mount namespaces to block the postgres processes from accessing /home.
I am getting:
Can't locate JSON/XS.pm in #INC (you may need to install the JSON::XS module)
(#INC contains:
/usr/local/lib/perl5/site_perl/5.24.1/darwin-2level
/usr/local/lib/perl5/site_perl/5.24.1
/usr/local/lib/perl5/5.24.1/darwin-2level
/usr/local/lib/perl5/5.24.1
.
) at get.pl line 13.
(Line breaks added for readability.)
I have tried installing this module using cpan and getting the following message:
Can't write to cpanm home '/Users/sa/.cpanm': You should fix it with chown/chmod first.
I was wondering on what and where to find it to fix it?
$ ls -al ~/.cpanm
total 16
drwxr-xr-x 5 root staff 170 Feb 20 10:37 .
drwxr-xr-x+ 50 sa staff 1700 Feb 20 13:51 ..
lrwxr-xr-x 1 root staff 51 Feb 20 10:37 build.log -> /Users/sa/.cpanm/work/1487615857.2117/build.log
lrwxr-xr-x 1 root staff 41 Feb 20 10:37 latest-build -> /Users/sa/.cpanm/work/1487615857.2117
drwxr-xr-x 4 root staff 136 Feb 20 10:37 work
You did sudo cpanm at some point, and it created files in your home directory that belong to root instead of sa. Fix:
sudo chown -R sa:staff ~/.cpanm
In the future, use cpanm --sudo instead of sudo cpanm to avoid this problem. (It also avoid using root until necessary.)
I am trying to find a way to run a script on sleep before an x session ends, because the script requires an active x session to execute properly. Storing the script in /etc/pm/sleep.d did not work (and returned errors related to a non-existent x session). Any ideas where to put the script?
Update in response to comments
king#death-star /etc/acpi $ cat 01_revert_kb_on_sleep
#!/bin/bash
touch ~/Desktop/touchfile_my_script_acpi
case "$1" in
hibernate|suspend)
sh -c "/home/king/Desktop/Scripts/rotate_desktop normal; /home/king/Desktop/Scripts/misc/my_keyboard on" 2> ~/Desktop/revert_kb_error_log.txt ;;
#thaw|resume)
king#death-star /etc/acpi $ ls
total 1MB
drwxr-xr-x 3 root root 1MB Jun 11 23:36 .
drwxr-xr-x 163 root root 1MB Jun 11 23:41 ..
-rwxr-xr-x 1 root root 1MB Jun 11 23:36 01_revert_kb_on_sleep
king#death-star /etc/acpi $ ps -ef| grep acpid
root 1070 1 0 23:41 ? 00:00:00 acpid -c /etc/acpi/events -s /var/run/acpid.socket
king 3499 2574 0 23:52 pts/2 00:00:00 grep --colour=auto acpid
Step 1.
a. Enable and start the acpi service.
b. Run the acpi_listen command and try putting the computer to sleep via various methods (pushing the power button, closing the lid, etc.)
c. Find out what events are triggered, when you do the above. In my case they were: button/lid LID close and button/sleep SBTN 00000080 00000000
Step 2.
a. Create the file /etc/acpi/events/my_events with the following:
event=(button/sleep SBTN|button/lid LID close)
action=/etc/acpi/my_script.sh
Substitute the events in the event= line with your events.
b. Create the file /etc/acpi/my_script.sh with the following:
#!/bin/sh
/home/king/Desktop/Scripts/rotate_desktop normal
/home/king/Desktop/Scripts/misc/my_keyboard on
NB. You might need to add export DISPLAY=:0 before the scripts to get access to your X session.
NB2: Your scripts will run with root user credentials. To run with your user credentials, you might want to do:
sudo -u king /home/king/Desktop/Scripts/rotate_desktop normal
sudo -u king /home/king/Desktop/Scripts/misc/my_keyboard on
c. Make the file /etc/acpi/my_script.sh executable:
chmod +x /etc/acpi/my_script.sh
d. Restart the acpi service.
Step 3. Share and enjoy.
I use wget to download an entire website with all included assets, the problem is that wget does not download included videos.
For example with this website, if I execute the following command :
wget -q -r ‐‐page-requisites http://videohtml5.byethost11.com/index.html
It download almost everything but if you open the web page, you'll see that the video is not downloaded.
I have tried the following options without results:
-r : for recursion
--page-requisites : to download all included assets
However if I directly put the link to the video as an option of wget it works :
wget -q -r ‐‐page-requisites http://videohtml5.byethost11.com/movie.mp4
But I would like to download everything in one command. I have read the wget manual but I didn't see any other option that could do that. That's why I am asking your help.
EDIT : I change the url to really match my need
SOLUTION : Because I am using Windows, I didn't get the latest released which has the fix for the bug. Do not download wget from http://gnuwin32.sourceforge.net/packages/wget.htm, but use https://eternallybored.org/misc/wget/ instead.
The video is hosted at a different domain: you need the -H parameter.
See the manpage section about spanning hosts: https://www.gnu.org/software/wget/manual/wget.html#Spanning-Hosts
== Update ==
It seems wget has a bug preventing to download the <source> of the <video> tag. See https://lists.gnu.org/archive/html/bug-wget/2013-06/msg00070.html
This works as you expect:
wget -H -r --level=1 -k -p http://camendesign.com/code/video_for_everybody/
...
drwxr-xr-x 24 root root 4096 Apr 17 10:08 camendesign.com
drwxr-xr-x 2 root root 4096 Apr 17 10:08 clips.vorwaerts-gmbh.de
drwxr-xr-x 2 root root 4096 Apr 17 10:08 forum.camendesign.com
-rw-r--r-- 1 root root 13700 May 12 2013 test.html
drwxr-xr-x 2 root root 4096 Apr 17 10:08 www.youtube.com
root#test /tmp/test# cd clips.vorwaerts-gmbh.de/
root#test /tmp/test/clips.vorwaerts-gmbh.de# ll
total 5396
-rw-r--r-- 1 root root 5510872 Feb 9 2010 big_buck_bunny.mp4
By following the official instructions http://www.mongodb.org/display/DOCS/Quickstart+Unix and this post http://blog.phy5ics.com/2010/03/27/installing-mongodb-on-mediatemple-dv/ I've just about managed to get mongodb installed on MediaTemples DV 4.0 server (I think).
I am however having problems installing the PHP driver http://www.mongodb.org/display/DOCS/PHP+Language+Center
In SSH I get this:
[root#xxx]# cd /var/tmp
[root#xxx]# pecl install mongo
downloading mongo-1.1.4.tgz ...
Starting to download mongo-1.1.4.tgz (68,924 bytes)
.................done: 68,924 bytes
18 source files, building
running: phpize
Configuring for:
PHP Api Version: 20090626
Zend Module Api No: 20090626
Zend Extension Api No: 220090626
/usr/bin/phpize: /var/tmp/mongo/build/shtool: /bin/sh: bad interpreter: Permission denied
Cannot find autoconf. Please check your autoconf installation and the $PHP_AUTOCONF environment variable. Then, rerun this script.
ERROR: `phpize' failed
I am logged in as the root user - I don't understand why it's failing and what steps I need to take to install the PHP driver?
Thanks
Run the following commands on your server's command line:
$ mkdir /root/tmp
$ mount --bind /root/tmp /tmp
$ umount /tmp; umount /var/tmp
$ pecl install mongo
A few things:
/root/tmp is just an arbitrary temp directory. You can use whatever you want, provided it exists.
Some instructions say to use --host instead of --bind. On RHEL/CentOS mount says --host is an unrecognized option.
If you're on a VM, it's likely that you'll have to do this each time you restart your VM/Container.
For Media Temple customers, I can confirm that this works on both (dv) and (ve) servers with CentOS 5 and 6.
From media temple support: Need to create a temporary directory (/root/tmpz):
$ mkdir /root/tmpz
$ mount --host /root/tmpz /tmp
$ umount /tmp; umount /var/tmp
$ pecl install mongo
Build complete.
Don't forget to run 'make test'.
running: make INSTALL_ROOT="/var/tmp/pear-build-root/install-mongo-1.1.4" install
Installing shared extensions: /var/tmp/pear-build-root/install-mongo-1.1.4/usr/lib64/php /modules/
running: find "/var/tmp/pear-build-root/install-mongo-1.1.4" | xargs ls -dils
69094140 4 drwxr-xr-x 3 root root 4096 Feb 22 13:40 /var/tmp/pear-build-root/install-mongo-1.1.4
69275176 4 drwxr-xr-x 3 root root 4096 Feb 22 13:40 /var/tmp/pear-build-root/install-mongo-1.1.4/usr
69275177 4 drwxr-xr-x 3 root root 4096 Feb 22 13:40 /var/tmp/pear-build-root/install-mongo-1.1.4/usr/lib64
69290445 4 drwxr-xr-x 3 root root 4096 Feb 22 13:40 /var/tmp/pear-build-root/install-mongo-1.1.4/usr/lib64/php
69290447 4 drwxr-xr-x 2 root root 4096 Feb 22 13:40 /var/tmp/pear-build-root/install-mongo-1.1.4/usr/lib64/php/modules
69290448 676 -rwxr-xr-x 1 root root 684126 Feb 22 13:40 /var/tmp/pear-build-root/install-mongo-1.1.4/usr/lib64/php/modules/mongo.so
Build process completed successfully
Installing '/usr/lib64/php/modules/mongo.so'
install ok: channel://pecl.php.net/mongo-1.1.4
configuration option "php_ini" is not set to php.ini location
You should add "extension=mongo.so" to php.ini
Do you have php-dev installed? phpize is basically "compiling" the MongoDB driver, but unless you have the -dev installed, this may not work.