[go-nuts] Re: setuid root
Thanks -- that worked. On Monday, September 20, 2021 at 2:11:21 PM UTC-4 Tamás Gulácsi wrote: > chmod 4755 is not enough. Your binary must be owned by root, to run root - > setuid means "run as owner". > > Rich a következőt írta (2021. szeptember 20., hétfő, 19:54:33 UTC+2): > >> Yes. I tried running an exec: cmd=exec.Command("whoami") and it came as >> my user id not root. But to set the permissions I'd run: 'chmod 4755 >> myapplication' >> >> On Monday, September 20, 2021 at 11:20:39 AM UTC-4 Tamás Gulácsi wrote: >> >>> You mean "chown root app; chmod 4755 app" ? >>> >>> Rich a következőt írta (2021. szeptember 20., hétfő, 16:57:38 UTC+2): >>> I am trying to create a go program so that I can peform an action that is more complex than the example I have below. I can't give sudo right so run the application due to some policy we have at work that certain groups can only have read permissions. The company also have a policy that states any new directory / file is set with restrictive permissions. What I wanted to do is create a program that runs as root. (Like ping runs as root) but it doesn't seem to work. package main import ( "fmt" "os" "os/exec" ) func main() { cmd:=exec.Command("chmod","770", "/opt/app/mnt/mydirectory") cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr err:=cmd.Run() if err != nil { fmt.Println("ERROR:", err) } } When I compile, then do a chmod 4755, and run it. I get a permissions denied. Looking for why this would be? >>> -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/9a3d069a-dcb4-41fe-8ab7-ae5c7141e5e1n%40googlegroups.com.
[go-nuts] Re: setuid root
OK -=- My mistake. When you setuid a program it sets the user to the owner of the file. So I owned the file, so it would run as me. When I did a chown root myapplication -- it runs like it should. Thanks everyone for the help. On Monday, September 20, 2021 at 1:54:33 PM UTC-4 Rich wrote: > Yes. I tried running an exec: cmd=exec.Command("whoami") and it came as my > user id not root. But to set the permissions I'd run: 'chmod 4755 > myapplication' > > On Monday, September 20, 2021 at 11:20:39 AM UTC-4 Tamás Gulácsi wrote: > >> You mean "chown root app; chmod 4755 app" ? >> >> Rich a következőt írta (2021. szeptember 20., hétfő, 16:57:38 UTC+2): >> >>> I am trying to create a go program so that I can peform an action that >>> is more complex than the example I have below. I can't give sudo right so >>> run the application due to some policy we have at work that certain groups >>> can only have read permissions. The company also have a policy that states >>> any new directory / file is set with restrictive permissions. What I wanted >>> to do is create a program that runs as root. (Like ping runs as root) but >>> it doesn't seem to work. >>> >>> package main >>> >>> import ( >>> "fmt" >>> "os" >>> "os/exec" >>> ) >>> >>> func main() { >>> cmd:=exec.Command("chmod","770", "/opt/app/mnt/mydirectory") >>> cmd.Stdout = os.Stdout >>> cmd.Stderr = os.Stderr >>> err:=cmd.Run() >>> if err != nil { >>> fmt.Println("ERROR:", err) >>> } >>> } >>> >>> When I compile, then do a chmod 4755, and run it. I get a permissions >>> denied. Looking for why this would be? >>> >> -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/192b7b23-8eed-4397-a5e3-16a63f91b2afn%40googlegroups.com.
[go-nuts] Re: setuid root
chmod 4755 is not enough. Your binary must be owned by root, to run root - setuid means "run as owner". Rich a következőt írta (2021. szeptember 20., hétfő, 19:54:33 UTC+2): > Yes. I tried running an exec: cmd=exec.Command("whoami") and it came as my > user id not root. But to set the permissions I'd run: 'chmod 4755 > myapplication' > > On Monday, September 20, 2021 at 11:20:39 AM UTC-4 Tamás Gulácsi wrote: > >> You mean "chown root app; chmod 4755 app" ? >> >> Rich a következőt írta (2021. szeptember 20., hétfő, 16:57:38 UTC+2): >> >>> I am trying to create a go program so that I can peform an action that >>> is more complex than the example I have below. I can't give sudo right so >>> run the application due to some policy we have at work that certain groups >>> can only have read permissions. The company also have a policy that states >>> any new directory / file is set with restrictive permissions. What I wanted >>> to do is create a program that runs as root. (Like ping runs as root) but >>> it doesn't seem to work. >>> >>> package main >>> >>> import ( >>> "fmt" >>> "os" >>> "os/exec" >>> ) >>> >>> func main() { >>> cmd:=exec.Command("chmod","770", "/opt/app/mnt/mydirectory") >>> cmd.Stdout = os.Stdout >>> cmd.Stderr = os.Stderr >>> err:=cmd.Run() >>> if err != nil { >>> fmt.Println("ERROR:", err) >>> } >>> } >>> >>> When I compile, then do a chmod 4755, and run it. I get a permissions >>> denied. Looking for why this would be? >>> >> -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/f7b98090-5e32-44a9-983f-4b4cec52cb7dn%40googlegroups.com.
[go-nuts] Re: setuid root
Yes. I tried running an exec: cmd=exec.Command("whoami") and it came as my user id not root. But to set the permissions I'd run: 'chmod 4755 myapplication' On Monday, September 20, 2021 at 11:20:39 AM UTC-4 Tamás Gulácsi wrote: > You mean "chown root app; chmod 4755 app" ? > > Rich a következőt írta (2021. szeptember 20., hétfő, 16:57:38 UTC+2): > >> I am trying to create a go program so that I can peform an action that is >> more complex than the example I have below. I can't give sudo right so run >> the application due to some policy we have at work that certain groups can >> only have read permissions. The company also have a policy that states any >> new directory / file is set with restrictive permissions. What I wanted to >> do is create a program that runs as root. (Like ping runs as root) but it >> doesn't seem to work. >> >> package main >> >> import ( >> "fmt" >> "os" >> "os/exec" >> ) >> >> func main() { >> cmd:=exec.Command("chmod","770", "/opt/app/mnt/mydirectory") >> cmd.Stdout = os.Stdout >> cmd.Stderr = os.Stderr >> err:=cmd.Run() >> if err != nil { >> fmt.Println("ERROR:", err) >> } >> } >> >> When I compile, then do a chmod 4755, and run it. I get a permissions >> denied. Looking for why this would be? >> > -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/f381480a-0c62-46d4-b739-de7c07d182ffn%40googlegroups.com.
[go-nuts] Re: setuid root
Try: cmd:=exec.Command("id") If it's definitely running as root then it could be other system-level restrictions: SELinux for example. If so, "dmesg" output may give you a clue, logging the policy violation. On Monday, 20 September 2021 at 16:20:39 UTC+1 Tamás Gulácsi wrote: > You mean "chown root app; chmod 4755 app" ? > > Rich a következőt írta (2021. szeptember 20., hétfő, 16:57:38 UTC+2): > >> I am trying to create a go program so that I can peform an action that is >> more complex than the example I have below. I can't give sudo right so run >> the application due to some policy we have at work that certain groups can >> only have read permissions. The company also have a policy that states any >> new directory / file is set with restrictive permissions. What I wanted to >> do is create a program that runs as root. (Like ping runs as root) but it >> doesn't seem to work. >> >> package main >> >> import ( >> "fmt" >> "os" >> "os/exec" >> ) >> >> func main() { >> cmd:=exec.Command("chmod","770", "/opt/app/mnt/mydirectory") >> cmd.Stdout = os.Stdout >> cmd.Stderr = os.Stderr >> err:=cmd.Run() >> if err != nil { >> fmt.Println("ERROR:", err) >> } >> } >> >> When I compile, then do a chmod 4755, and run it. I get a permissions >> denied. Looking for why this would be? >> > -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/4984a142-96c7-4d8e-af19-e30c7f039ee1n%40googlegroups.com.
[go-nuts] Re: setuid root
You mean "chown root app; chmod 4755 app" ? Rich a következőt írta (2021. szeptember 20., hétfő, 16:57:38 UTC+2): > I am trying to create a go program so that I can peform an action that is > more complex than the example I have below. I can't give sudo right so run > the application due to some policy we have at work that certain groups can > only have read permissions. The company also have a policy that states any > new directory / file is set with restrictive permissions. What I wanted to > do is create a program that runs as root. (Like ping runs as root) but it > doesn't seem to work. > > package main > > import ( > "fmt" > "os" > "os/exec" > ) > > func main() { > cmd:=exec.Command("chmod","770", "/opt/app/mnt/mydirectory") > cmd.Stdout = os.Stdout > cmd.Stderr = os.Stderr > err:=cmd.Run() > if err != nil { > fmt.Println("ERROR:", err) > } > } > > When I compile, then do a chmod 4755, and run it. I get a permissions > denied. Looking for why this would be? > -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/df521cb8-432c-4dfc-93be-80197d9bb3e9n%40googlegroups.com.