what the heck (changing process uid question)

[Joe Van Dyk]

My problem: When I fork a new process and set the UID of that process
and want to create a log file that I redirect output into, I'm having
difficulties getting the log file to be owned by the correct person.

Below is a code snippet that demonstrates my problem.

require 'ftools'

fail "run this as root please" if Process.uid !=3D 0
fail "usage: ruby #{ __FILE__ } <uid> <directory" if ARGV.size !=3D 2

uid =3D ARGV.shift.to_i
dir =3D ARGV.shift

puts "uid is #{ Process.uid }"

puts "changing uid to #{ uid }"
Process.uid =3D uid

puts "uid is now #{ Process.uid }"

File.makedirs dir

puts "Hopefully <#{ dir }> was created by uid <#{ uid }>"

raise "why the heck don't I own this?" if !File.owned? dir


When I run this on my linux box, I get:
crabbe@~$ id
uid=3D7258(mz652c) gid=3D20(games) groups=3D20(games)

crabbe@~$ sudo ruby a.rb 7258 asdf
uid is 0
changing uid to 7258
uid is now 7258
Hopefully <asdf> was created by uid <7258>
a.rb:20: why the heck don't I own this? (RuntimeError)

crabbe@~$ ls -ld asdf
drwxr-xr-x 2 4294967294 4294967294 9 Nov 22 16:23 asdf

 

[Ara.T.Howard]

My problem: When I fork a new process and set the UID of that process and
want to create a log file that I redirect output into, I'm having
difficulties getting the log file to be owned by the correct person.

afaik this isn't possible from within a ruby, or any script. setuid programs
are gaurded pretty heavily by the kernel. i worked on this for some time at
one point and this was the only way it was possible at the time:

http://codeforpeople.com/lib/ruby/setuidruby/

let me know if you figure out another method. the bottom line is that setuid
program must be binary.

enjoy.

-a
--
===============================================================================
| ara [dot] t [dot] howard [at] gmail [dot] com
| all happiness comes from the desire for others to be happy. all misery
| comes from the desire for oneself to be happy.
| -- bodhicaryavatara
===============================================================================

 

[Bob Showalter]

My problem: When I fork a new process and set the UID of that process
and want to create a log file that I redirect output into, I'm having
difficulties getting the log file to be owned by the correct person.

Process.uid = uid

You want to change effective id, not real id:

Process.euid = uid

 

[Joe Van Dyk]

You want to change effective id, not real id:

Process.euid =3D uid

Very nice, thank you.

<goes off and googles the difference between effective and real uids>