424,054 Members | 1,078 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,054 IT Pros & Developers. It's quick & easy.

permission problem with os.setuid

P: n/a
I have a script that sometimes is run by myself (user id 501) and sometimes
by the mailer program as nobody/nogroup (userid 65534). I would like to change
the effective uid to 501 in any case, to get the right permissions, but
os.setuid and os.seteuid give me a OSError No. 1. Is there a way to get what I
want? My requirement is that the script should work indipendently from the
mailer program, i.e I would like to avoid configuring the mailer program by
hand. I am working on linux with postfix on Mandrake and exim4 on Debian.
Any suggestion?

Michele Simionato
Jul 18 '05 #1
Share this Question
Share on Google+
3 Replies


P: n/a
Michele Simionato wrote:
I have a script that sometimes is run by myself (user id 501) and sometimes
by the mailer program as nobody/nogroup (userid 65534). I would like to change
the effective uid to 501 in any case, to get the right permissions, but
os.setuid and os.seteuid give me a OSError No. 1. Is there a way to get what I
want? My requirement is that the script should work indipendently from the
mailer program, i.e I would like to avoid configuring the mailer program by
hand. I am working on linux with postfix on Mandrake and exim4 on Debian.
Any suggestion?

Once a process is running as nobody (or any other non-root user account), you
cannot simple change the uid - that's a (very important) feature not a bug! To
change the uid you have to be root first, 'sudo' may help you - though I don't
know about the details how this works...
Possible pseudocode (and by pseudo I mean pseudo ;)

if os.getuid() == 0: # I'm root
os.setuid(501)
elif os.getuid() != 501:
os.exec*("sudo", "myscript.py") # script is restarted, now as root

assert os.getuid() == 501
Jul 18 '05 #2

P: n/a
Benjamin Niemann <b.*******@betternet.de> wrote in message news:<ci**********@online.de>...
Once a process is running as nobody (or any other non-root user account), you
cannot simple change the uid - that's a (very important) feature not a bug! To
change the uid you have to be root first, 'sudo' may help you - though I don't
know about the details how this works...
Possible pseudocode (and by pseudo I mean pseudo ;)

if os.getuid() == 0: # I'm root
os.setuid(501)
elif os.getuid() != 501:
os.exec*("sudo", "myscript.py") # script is restarted, now as root

assert os.getuid() == 501


Uhm ... I wanted somewhat to avoid "sudo". Anyway, at the end I have decided
to change the design so that the script is always run as nobody.
This solves as well other issues and I am happy with it.
Michele Simionato
Jul 18 '05 #3

P: n/a
Michele Simionato wrote:
Benjamin Niemann <b.*******@betternet.de> wrote in message news:<ci**********@online.de>...
Once a process is running as nobody (or any other non-root user account), you
cannot simple change the uid - that's a (very important) feature not a bug! To
change the uid you have to be root first, 'sudo' may help you - though I don't
know about the details how this works...
Possible pseudocode (and by pseudo I mean pseudo ;)

if os.getuid() == 0: # I'm root
os.setuid(501)
elif os.getuid() != 501:
os.exec*("sudo", "myscript.py") # script is restarted, now as root

assert os.getuid() == 501

Uhm ... I wanted somewhat to avoid "sudo". Anyway, at the end I have decided
to change the design so that the script is always run as nobody.
This solves as well other issues and I am happy with it.

....and is the best solution. As long as it doesn't need more rights than
'no'body, there's no point in running it as 'some'body.
Jul 18 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.