|
Click to unhide all tags.
|
Thread Tools | Display Modes |
|
04-11-2011, 02:07 PM | #1 |
for all seasons
|
Linux/Java - Question about user/owner rights for processes
OKAY SO
As far as I understand with Linux A process typically executes with the permissions of the user that executed it. HOWEVER It is possible to set a process to execute with the permissions of the user who owns that file. MY QUESTION IS If I am running a .jar file with Java, can I set it so that it runs using the permissions of the owner of that .jar file? OR is it only possible to set it to run using the permissions of the Java executable/command (which I would not do since I think Java is owned by root or some shit). Or is there some other means by which to determine the permissions with which a particular process runs, independently of the user who initiates that process?
__________________
check out my buttspresso
|
04-11-2011, 02:29 PM | #2 |
Sent to the cornfield
|
So if I understand this correctly (though I'm sure there are peple much better suited to help than me flying around):
Jar file is owned by user A You are running as user B You want to use Java (owned by root) to execute the jar as user B with the permissions of user A? My preemptive answer: CHMOD 777 all of Linux. It'll make everything run fantastically. |
04-11-2011, 02:39 PM | #3 | |
for all seasons
|
Quote:
Pretty much the goal of the exercise is to get this working while maintaining the various access levels.
__________________
check out my buttspresso
|
|
04-11-2011, 03:08 PM | #4 |
Not a Taco
Join Date: May 2005
Posts: 3,313
|
Note: Don't do this. At all.
Better answer: CHMOD 000, works even more fantastically.
__________________
I did a lot of posting on here as a teenager, and I was pretty awful. Even after I learned, grew up, and came to be on the right side of a lot of important issues, I was still angry, abrasive, and generally increased the amount of hate in the world, in pretty unacceptable ways. On the off chance that someone is taking a trip down memory lane looking through those old threads, I wanted to devote my signature to say directly to you, I'm sorry. Thank you for letting me be better, NPF. |
04-11-2011, 06:17 PM | #5 |
for all seasons
|
When people show up at my door with pitchforks and torches wanting to know where their minecraft went I'm gonna give them your address.
__________________
check out my buttspresso
|
04-11-2011, 06:22 PM | #6 |
Sent to the cornfield
|
Yeah I'm not sure how to do that without doing it all in root and just putting in an extra command on the end of the script to set the permissions to that of the owner but that is clearly not ideal.
Sorries |
04-11-2011, 06:30 PM | #7 | |
for all seasons
|
Quote:
__________________
check out my buttspresso
|
|
04-11-2011, 08:00 PM | #8 |
synk-ism
|
hahaha chmod 777
Use chmod 4777 on the files in question. This should tell your filesystem that the files/scripts should run as the owner of the script. If you have something like the following:
users a, b scripts x, y a owns x, b owns y Using chmod 4777 should make it so that when a executes y it runs with b's permissions. I haven't tried this myself yet but can make a couple stupid echo scripts to verify. I believe the order is to create the scripts under the correct user accounts (you can use sudo with a specified user or using the sudoers list to do this if needed), assign the permissions (i.e. execute chmod) as root, and then run them however you intend to run them under the regular user. * e: chown may be of help, as well, in setting your owners.
__________________
Find love.
|
04-11-2011, 08:06 PM | #9 |
for all seasons
|
HMMMMMMMMM
That sounds like it should work but to be clear we have... users a, b script x java jarfile y Script x tells Java to run Jarfile y. So if I chmod script X to run with the permissions of user A, will it pass that permission level onto Java / Jarfile Y? Testing actually would be the best way to work this out, "set up some kind of test server for trying out this sort of thing without taking minecraft offline" is one of many entries on the ever-expanding list of things I am totally eventually going to do.
__________________
check out my buttspresso
|
04-11-2011, 08:13 PM | #10 |
synk-ism
|
I didn't do the other work I wanted to do today, so why not do this also.
Hmm. That is an added layer I glossed over.
While I only currently have myself and root on my testing box (though maybe Apache is a user, too), I was able to make a script and alter its permissions and ownership. But when running it, it just opened the file browser with my permissions, not root's. So how to transfer ownership to the thing called in the script... What happens if you set the ownership of the .jar file itself? I have none to test. I will see if I can get Nautilus to open as root when running as myself via the ownership thing (i.e. not cheating and using sudo :P). *** edit Actually that is maybe too round-about. Why not have, in your script, a sudo -u command to execute the .jar as a specific user? For example, using your labeling above, inside script x: Code:
sudo -u b <comamnd to run .jar file> Again, as my machine's listed users are limited, you may need to additionally provide user a with the capability to make use of sudo like this via the sudoers file. I was able to duplicate my script and add the sudo command to open programs as root, though I realize that's a much more common thing than as another user. Still, the principle should be the same, as that is the entire point of sudo.
__________________
Find love.
Last edited by synkr0nized; 04-11-2011 at 09:13 PM. |
|
|