Linux - KernelThis forum is for all discussion relating to the Linux kernel.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Sure, but am I looking for how to do this by system calls. And from your suggestion, PAM is available since RHEL 5, for me RHEL 4 support is also required.
There's no system call which changes UID and EUID from non-root to root. The way all the tools that do that do it is by having a setuid bit set which causes EUID to change when they are executed. If possible, however, you want to avoid having your application setuided since it is a security risk and it's much better to relay on existing commands such as the ones already listed in this thread (you might want to use witch to see which is available and then use that one).
There's no system call which changes UID and EUID from non-root to root. The way all the tools that do that do it is by having a setuid bit set which causes EUID to change when they are executed. If possible, however, you want to avoid having your application setuided since it is a security risk and it's much better to relay on existing commands such as the ones already listed in this thread (you might want to use witch to see which is available and then use that one).
Unfortunately, I can ask user about changing file system permissions. How you can imagine an installer, that ask you to change your system before it can start?
As a matter of fact, installers should require that you be an administrator, or that you "run-as" the installer under an administrator ID.
If you are a non-privileged user, the installer should either offer to do an install ("for you alone") that you can carry out, or it should politely inform you that you can't do it.
As a matter of fact, installers should require that you be an administrator, or that you "run-as" the installer under an administrator ID.
If you are a non-privileged user, the installer should either offer to do an install ("for you alone") that you can carry out, or it should politely inform you that you can't do it.
Totally agree your point of view, I also think this solution will be greate, but our marketing came from other galaxy and they require install to ask user about this.
Ok, only one way to use PAM what I found is to change group permissions.
Then you ignored the clue I left for you:
Code:
~]$ readlink -f /usr/bin/wireshark
/usr/bin/consolehelper
~]$ rpm -qf /usr/bin/consolehelper --qf="%{name}\n"
usermode
~]$ rpm -q usermode --qf="%{description}\n"
The usermode package contains the userhelper program, which can be
used to allow configured programs to be run with superuser privileges
by ordinary users.
but then again that's understandable as the problems you face are not caused by technology (alone):
Quote:
Originally Posted by syscreat
our marketing came from other galaxy and they require
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,233
Rep:
Quote:
Originally Posted by mina86
Quote:
Originally Posted by sundialsvcs
As a matter of fact, installers should require that you be an administrator, or that you "run-as" the installer under an administrator ID.
Not at all, and even the exact opposite. Installer should allow installation without root privileges to user's home directory.
Quote:
Originally Posted by sundialsvcs
As a matter of fact, installers should require that you be an administrator, or that you "run-as" the installer under an administrator ID.
If you are a non-privileged user, the installer should either offer to do an install ("for you alone") that you can carry out, or it should politely inform you that you can't do it.
Yes, it really does come down to one of three things:
Install the application local to yourself.
Install the application globally, but only if you have root privileges.
Run the installer as root.
"The marketing department" should not be the one to set technical strictures. If there is not an easy, universal way to meet that request, then the bottom line is simply that the request cannot be met. There are plenty of systems out there which require that you be logged-in as certain users to do certain things. Precedents abound.
I've defeated this argument simply by pointing out that the developer-cost for the project is running about $14,000 (USD) per day, and that the time-equals-money is better spent making the product as easy to use "in the technically right way" than to continue to entertain the preferences of someone who really doesn't know the foot on which he stands.
Last edited by sundialsvcs; 02-22-2013 at 06:53 AM.
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,233
Rep:
Quote:
Originally Posted by syscreat
Totally agree your point of view, I also think this solution will be greate, but our marketing came from other galaxy and they require install to ask user about this.
this is definately the M$ windoze way of thinking of things, as up until vi$ta, most people were running by default as administrator, so things would just install (at least on home units), even on WINDOWS networks within corporations, an administrator was necessary to install stuff (for the most part), so this is a ridiculous requirement whether you are talking windows OR Linux.
think of it from another standpoint
if this were possible, how many Linux boxes would be owned by hackers/botnets?
ssue is solved by providing a root passphrase directly to su utility. It can be easily reached by using fd_set or pipes and system call forkpty that returns a ready to login shell.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.