Re: builtin setuid and setgid commands

Re: builtin setuid and setgid commands

[Mikael Magnusson]

On 9/12/06, Dave Yost <Dave@yost.com> wrote:
> Zshell should have builtins to call the setuid and setgid system calls.
>
> With this feature, one can write a shell script that is executed by
> root but runs as another user.
>
> The usefulness of this feature came up in the context of the
> mysql.server script, which starts/stops the server and is run by root
> at boot time.  It would be nice if the script itself could use a
> setuid command to ensure that it is running as the mysql user.
>
> Thanks
>
> Dave

# whoami
root
# UID=1003
# whoami
mikaelh
# UID=0
# whoami
mikaelh

another session
# whoami
root
# EUID=1003
# whoami
mikaelh
# EUID=0
# whoami
root


-- 
Mikael Magnusson

Re: builtin setuid and setgid commands

[Dave Yost]

At 09:51 PM +0200 2006-09-12, Mikael Magnusson wrote:
>On 9/12/06, Dave Yost <Dave@yost.com> wrote:
>>Zshell should have builtins to call the setuid and setgid system calls.
>>
>>With this feature, one can write a shell script that is executed by
>>root but runs as another user.
>>
>>The usefulness of this feature came up in the context of the
>>mysql.server script, which starts/stops the server and is run by root
>>at boot time.  It would be nice if the script itself could use a
>>setuid command to ensure that it is running as the mysql user.
>>
>>Thanks
>>
>>Dave
>
># whoami
>root
># UID=1003
># whoami
>mikaelh
># UID=0
># whoami
>mikaelh
>
>another session
># whoami
>root
># EUID=1003
># whoami
>mikaelh
># EUID=0
># whoami
>root
>
>
>--
>Mikael Magnusson

Thanks.  Also note:

0 516 Z% grep setuid /tmp/zshall.1
1 517 Z%     

:)

Dave

Re: builtin setuid and setgid commands

[Bart Schaefer]

On Sep 12,  1:57pm, Dave Yost wrote:
}
} Thanks.  Also note:
} 
} 0 516 Z% grep setuid /tmp/zshall.1
} 1 517 Z%     

Um, man1/zshall.1, is just a wrapper that contains a whole lot of .so
commands to read in the other sections.  So unless /tmp/zshall.1 is
the output of "man zshall" or is a copy of e.g. cat1/zshall.1, you're
not going to find anything interesting.

Try "grep -i uid zshparam.1" for example.  The older the part of the
zsh manual you're looking at (and the EUID parameter is *really* old)
the more likely it is to have been written for the benefit of non-
programmer college freshmen, not people who would have any idea what
"setuid" means or even what a system call is ... and I don't think it's
reasonable to expect that the manual for an interactive shell would
contain a reference to a specific system call in any case.

builtin setuid and setgid commands

[Dave Yost]

Zshell should have builtins to call the setuid and setgid system calls.

With this feature, one can write a shell script that is executed by 
root but runs as another user.

The usefulness of this feature came up in the context of the 
mysql.server script, which starts/stops the server and is run by root 
at boot time.  It would be nice if the script itself could use a 
setuid command to ensure that it is running as the mysql user.

Thanks

Dave