Re: start / run a program only when logged in as root

From: Sean Thomas Middleditch <sean middleditch iname com>
To: Hassan Aurag <aurag crm umontreal ca>
Cc: Adam Sleight <adams linearcorp com>, gnome-devel-list gnome org
Subject: Re: start / run a program only when logged in as root
Date: Wed, 24 May 2000 21:33:50 -0400

You Don't (tm).

There is no way to do that.  You have to use PAM.  PAM is a seperate
program that will check the password, and run the program as root.  The
only other thing you can do is set a program to setuid root, and then have
it check the password (since root programs could read the /etc/passwd
file), but I STRONGLY discourage this.  Use PAM, or one of the graphical su
commands (btw, what is the status of the gnome-su program, or gsu, or
whatever it is callled... I have some use for that I don't like using
kdesu).

I'll reiterate: use PAM if you must have GUI root-programs run by users.
I don't which UNICes support it, but if there are any that don't , maybe we
should all get together and port it.  PAM is simple... you add a file to
/etc/pam.d that describes what user to login as, etc, and make a link from
the /usr/bin program (or whatever program) to consolehelper, which then
runs a program from /usr/sbin with the same name as what consolehelper was
evokd with (so if you have a link /usr/bin/myprog to consolehelper, and run
it, consolehelper will try to run /usr/sbin/myprog).  If X is running, a
window pops up asking for the password (in RedHat it looked like a
GTK based window, actually, not sure, I don't use RedHat anymore anyways),
or in the console a little line is printed asking for the root password.
Then, if the password is right, it runs.  It's incredably ingenius.
I mean, it's so simple.  A little setuid root program, VERY simple (simpler
generally means more secure and bug-free), that does all that.

Wish I'd have thought of it.

And luckily for you, PAM doesn't care what language the program is in, so
you can use Python, C++, or Visual Basic (well, that one only
theoretically... thank the Gods).

Sean Etc.

Hassan Aurag wrote:

>  Ok, say you got the root password: example with
> gnome.app.equest_password (I think the name is correct), what next?
>
>  How do you change to root user? How do you check password?
>
>  A small example would be nice. Something in Python?

Follow-Ups:
- Re: start / run a program only when logged in as root
  - From: Christopher T. Lansdown

References:
- start / run a program only when logged in as root
  - From: Adam Sleight
- Re: start / run a program only when logged in as root
  - From: Sean Thomas Middleditch
- Re: start / run a program only when logged in as root
  - From: Hassan Aurag

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]