Temporarily dropping root access

[Daniel Berger]

Hi all,

Say I've got a C extension with two rake tasks - 'build' and
'install'. For the build task, if currently being run as root, I would
like it to drop down to, say, the 'nobody' user. Obviously, I'm only
talking about Unix here.

I thought I could use Process::UID.switch, but I couldn't make it work
right. Any ideas?

As to why, building as root can causing linkage problems [1]. This
question was originally brought up on the rubygems tracker, btw. [2]

Thanks,

Dan

[1] Just google for "root" + "linkage problems" if you want details
[2] http://rubyforge.org/tracker/index.php?func=detail&aid=8820&group_id=126&atid=575

 

[MenTaLguY]

Hi all,

Say I've got a C extension with two rake tasks - 'build' and
'install'. For the build task, if currently being run as root, I would
like it to drop down to, say, the 'nobody' user. Obviously, I'm only
talking about Unix here.

Generally speaking, you should be able to use setreuid to set the
effective UID to 'nobody' while keeping the real UID as root.

(Actually 'nobody' may not be a good choice depending on the Unix
flavor; I believe it is something of a special case on HP-UX for
example)

-mental

 

[Daniel Berger]

Generally speaking, you should be able to use setreuid to set the
effective UID to 'nobody' while keeping the real UID as root.

(Actually 'nobody' may not be a good choice depending on the Unix
flavor; I believe it is something of a special case on HP-UX for
example)

What would you recommend instead then as the best cross-platform
solution?

Thanks,

Dan

 

[Daniel Berger]

Generally speaking, you should be able to use setreuid to set the
effective UID to 'nobody' while keeping the real UID as root.

(Actually 'nobody' may not be a good choice depending on the Unix
flavor; I believe it is something of a special case on HP-UX for
example)

Oh, and just curious, is there ever a time when you *would* want to
build as root?

Thanks,

Dan

 

[John Joyce]

Oh, and just curious, is there ever a time when you *would* want to
build as root?

Thanks,

Dan

Sure!
Many installers run as root, so often building with make would
require sudo,
same can be for rake.
Anytime something needs to write to a directory not owned by the user.

 

[fw]

On Sun, 2008-02-03 at 00:37 +0900, John Joyce wrote:

[..snip..]

Sure!
Many installers run as root, so often building with make would
require sudo,
same can be for rake.
Anytime something needs to write to a directory not owned by the user.

Building as root != installing as root. The build process _should_
always be able to run as any user, though installation may have to run
with elevated privileges depending on permissions on the target file
system.

Felix

 

[John Joyce]

On Sun, 2008-02-03 at 00:37 +0900, John Joyce wrote:

[..snip..]

Sure!
Many installers run as root, so often building with make would
require sudo,
same can be for rake.
Anytime something needs to write to a directory not owned by the
user.

Building as root != installing as root. The build process _should_
always be able to run as any user, though installation may have to run
with elevated privileges depending on permissions on the target file
system.

Felix

Well, sometimes installers do build something!
But as far as running as root it definitely depends on where the
build takes place and what it needs to do.
It most definitely cannot run as any user on every system.
If it needs to write to a directory without write access for the uid
then you need to run as another user with more privileges.
Normally, you would expect a good make/rake build process to do
everything in a directory already owned under current uid, but that's
just not always the case.
On OS X for example, you normally do need to run sudo for building
things with make or rake. If not, then your system has been changed
in a lot of ways.

 

[Daniel Berger]

On Sun, 2008-02-03 at 00:37 +0900, John Joyce wrote:

[..snip..]

Sure!
Many installers run as root, so often building with make would
require sudo,
same can be for rake.
Anytime something needs to write to a directory not owned by the user.

Building as root != installing as root. The build process _should_
always be able to run as any user, though installation may have to run
with elevated privileges depending on permissions on the target file
system.

Felix

Well, sometimes installers do build something!
But as far as running as root it definitely depends on where the build
takes place and what it needs to do.
It most definitely cannot run as any user on every system.
If it needs to write to a directory without write access for the uid
then you need to run as another user with more privileges.
Normally, you would expect a good make/rake build process to do
everything in a directory already owned under current uid, but that's
just not always the case.
On OS X for example, you normally do need to run sudo for building
things with make or rake. If not, then your system has been changed in a
lot of ways.

John, I think you misunderstand. I'm only talking about the build
process, not installation, i.e. the difference between "make" and "make
install".

Typically, I create two separate Rake tasks, build and install. It would
only be the build task where I would temporarily drop root, then restore
it before it reaches the install task.

Regards,

Dan

 

[Ken Bloom]

Oh, and just curious, is there ever a time when you *would* want to
build as root?

You most likely would not, but you are forced to when installing a
rubygem that built a native module. Another common example of when people
build occurs frequently when they have to build Linux kernel modules. For
example, I believe Debian's module-assistant tool builds modules as root,
and the ATI driver's (fglrx) installer does, and I believe that when you
use a pbuilder chroot (an environment that mimics the Debian build
daemons), you're building as root.