[Techtalk] wrapping unix commands

Fri Apr 22 04:05:00 EST 2005

hello! thanks for the help!

ok, I succeeded in writing and compiling the wrapper but it doesn't seem 
to run setuid(0)

------------------------------
#include <stdio.h>
#define pciconf "/usr/bin/id"

int
main( argc, argv, envp )
         int argc;
         char *argv[];
         char *envp[];

{
         setuid( geteuid() );
         setgid( getegid() );
         execve("/usr/sbin/pciconf", argv, envp );
         fprintf( stderr, "execve() for %s failed\n", "pciconf" );
         exit( 1 );
}
------------------------------

-rwsrwxrwx  1 root  sys  14653 Apr 21 13:58 pciconf.wrap
user "test"  is in sys group

When i run it as a user "test" i get

# pciconf.wrap  -l
pciconf.wrap: /dev/pci: Permission denied

i have even tried replacing
         setuid( geteuid() );
         setgid( getegid() );
with
         setuid(0);
         setgid(0);
but now dice.

Julie Bovee wrote:
> On Apr 7, 2005 12:44 PM, overhaul <overhaul at littledeath.net> wrote:
> 
>>Hello!
>>
>>I'm in a bit of a pinch.   I have limited C knowledge but have been told
>>it's quite simple to write a C wrapper around unix commands.   I have a
>>need now to create a few wrappers for commands that kernel will not
>>allow any non-root user to run ... such as pciconf.
>>
>>I have scoured the net but either the info doesn't exist (doubtful) or
>>I'm not looking in the right places.
>>
>>Does anybody have a clue how to write a C wrapper?
>>
>>thanks!!
>>-T
> 
> 
> Had to do something similar... you'll need to write and compile the
> script as root.
> 
> setuid(0);
> seteuid(0);
> execl("/abspathtoscript/myscript", "myscript", (char *) 0);
>     
> Then set permissions so regular users can run it:
> ---s--x--x   1 root     root        6899 Aug 17  2004 mybinary
> 
> I hope this helps. Good luck,
> Julie