skript root privileges

I wanted to write a script to loopbackmount an encrypted partition. Everything works fine except that i want to trigger it remotely e.g. on startup. Therefore i need root privileges. Since SUID is not possible for *.sh i decided to make a little c program, where SUID should work, which’s only purpose is to call the script *.sh. But that doesn’t work out. Looks like this:


int main ...{
  return 0;

and mountcrypto.prog -rwsr-x— root family

Am i conceptually wrong or did i just miss a little detail?

Best regards

Perhaps I’m missing something and that c stuff is like hieroglyphics to me :wink:

But from playing with bash scripts doesn’t boot.local execute them as root and at the correct time?

Actually i don’t want to run it on startup it was just an example. The important part are the privileges and not the actual time. Did i get you right that the c code is basically wrong (because the script gets started by the program).
I thought scipts inherit the privileges of the caller? And by the SUID Bit the program should be root isn’t it?

I really should step out as I have no clue about the SUID bit of C.

From the very little I know this can be done with expect, but this is not recommended.

Here I would of thought sudo would be your best bit, and using yast to run the script passwordless. Though I’m making presumptions this is what you wish to achieve.

Though as you said said startup I really would of thought boot.local would be the best place as it will execute it with root rights.

I step out now hopefully a C expert can help you more specifically as it is something I really don’t even begin to understand.

I am quite flexible here so let me explain and grab some of your ideas. I want to bind that loopfile by a desktop shortcut (and espacially not at bootup) and though i don’t appreciate it wouldn’t bother me to much to hit a second password(root) beside the loopback password. My problem is the link in .kde/shutdown, because i dont want to enter a password on shutdown all the time. I think my problem with sudo was that modprobe end losetup won’t work with sudo only with su. But can you tell me a bit more about that yast passwd workaround: where i would find that?

**** you would ask me awkward questions :wink: I’ve just lost my hdd with Suse on and was waiting for GM before squeezing it back on.

I really can’t remember exactly where but in yast there’s a sudoers module. If you open this iirc it is relatively straight forward. So here you add the path to make sure it’s whole just in case /home/user/blah/blah follow it through this will give you options like run as, so in this case root and options like passwordless.

So now it should run passwordless as sudo, yes you’re correct sudo’s path isn’t quite the same as su iirc. Should you encounter problems I presume you can also add the bits to sudoers. Thinking very carefully as it will be passwordless and then call them as sudo in the script if needed. Do this as a last resort and take careful consideration i.e do you really want a passwordless modprobe :wink:

As for .kde/shutdown I wish all distro’s were the same I’m making the presumption this is similar to Autostart. Now if this is the case I suspect you should be able to manage the other bits again with a shutdown script being called as sudo.

One other thing as you said you need to add the crypt passwd I’ve presumed the desktop link script has given you a way to input this, and this isn’t the passwd on shutdown we’re talking about.

This is all related to sudoers which is at /etc/sudoers normally, googling sudoers will help more… A start here Sudoers Manual

Great I found it and wasn’t to confusing. It seems to work out except that my kdialog now cannot connect to X-server. But since this is the binding part, which i could do manually it’s not that a problem. The unbinding, which has to work by triggering, doesn’t have that graphical stuff, so it should do it. I try that out later. Until then:


Glad you solved it think I know why the dialog isn’t quite working. I really don’t know the proper way but when I had Suse in a chroot, I had one line that allowed me to run Suse bits in the running X well 2 :wink: you only need one as I needed it for user and root in a mnt.

cp /home/user/.Xauthority /root/.Xauthority

Should do it for you in your script I know it allows root cron to run X apps in the users env.

I really, really do not know the security implications of this and hope if this is terribly wrong someone will correct it.