3

I have a simple command that I want to be able to perform as a user, but it requires root permissions. I suspect that this is a case for the "SUID"-bit, but I've never used it.

This is what I've tried:

aioobe@e6510:~/bin$ sudo -s
root@e6510:~/bin# cat -> spindown_baydrive
#!/bin/bash
/sbin/hdparm -Y /dev/sdb
root@e6510:~/bin# chmod +x spindown_baydrive 
root@e6510:~/bin# chmod ug+s spindown_baydrive 
root@e6510:~/bin# exit
aioobe@e6510:~/bin$ ./spindown_baydrive 
/dev/sdb: Permission denied
aioobe@e6510:~/bin$


aioobe@e6510:~/bin$ ls -la spindown_baydrive 
-rwsr-sr-x 1 root root 37 2011-01-31 09:59 spindown_baydrive

Any suggestions?

aioobe
  • 401

3 Answers3

7

This is exactly the kind of thing that sudo was designed for. use visudo to edit the sudoers to allow the non privileged user to run your script as root.

visudo

add a line like this

aioobe ALL=NOPASSWD: /path/to/spindown_baydrive

and save the file

now you can run the file as root using the command

sudo /path/to/spindown_baydrive

If you want to require a password to be entered to run the script then change the sudoers line above to

aioobe ALL= /path/to/spindown_baydrive

user9517
  • 117,122
4

You can let the user run the script as root via sudo by configuring it in /etc/sudoers, without forcing the user to enter his password (see the NOPASSWD option).

To suid bash scripts, read more here: (Ubuntu) setuid bash doesn't work

Community
  • 1
3molo
  • 4,370
1

-rwsr-sr-x 1 root root 37 2011-01-31 09:59 spindown_baydrive

At 37 bytes, I'm guessing this is a shell script. When running as setuid, the shell starts new processes as the original uid. If you google for 'shell script setuid' you'll see lots of explanations why it doesn't work - and lots of ways to resolve the problem, obvious ones are using sudo or writing a wrapper program in C.

symcbean
  • 23,767
  • 2
  • 38
  • 58