I got a question.
That is I want to retrieve a system uuid to generate an identity. But I found that root privilege is needed if I execute command cat /sys/devices/virtual/dmi/id/product_uuid.Just same as dmidecode -s system-uuid,Someone tell me that I can install lshal. But I don't want to install it. Because code will not work if others computer didn't install lshal.
So I want to get product_uuid without root privilege.
Related
I have a program that I need to run with sudo. I create a directory using mkdir, but this directory has owner and group set to root. That makes sense since I am using sudo. I would like to change the owner and group to the normal user, but I'm not sure how to do that. I thought running system("chown $USER:$USER /directory/") would work, but I suppose since I am in sudo it will just set to root. I was looking into using chown, but I wasn't sure how I was supposed to get the owner and group id. Also it would be good for it to be portable, so I don't want to just hardcode a user/group id.
You're mostly on the right path already, chown is the command you're looking for here.
You can string the two commands to make and then own the directory together using a semicolon.
sudo mkdir test ; sudo chown $USER:$USER test
I've tested this on ubuntu 18.04 and ubuntu 20.04 as that's your tag. The $USER variable resolves to the user that you originally logged in as, not root, as long as you're using it at the beginning of your command like the above. Note that you need to call sudo again when doing the chown portion, the ; ends the sudo elevation.
The coreutils package includes an useful little command, install, you can use instead of mkdir in a sudo context. For example,
sudo install -o USER -g GROUP -m MODE -d DIRECTORY
where USER is the user to own the directory DIRECTORY, GROUP is the group to own the directory, and MODE is the access mode (like chmod) to the directory.
Because system(COMMAND) and popen(COMMAND,...) actually run /bin/sh with -c and COMMAND as parameters, you can use the form
sudo install -o $(id -u) -g $(id -g) -m u=rwx,g=r-x,o=x DIRECTORY
where the shell replaces the user and group names (or rather, numbers, since I'm not using the -n option) before executing sudo. (The id command is also included in coreutils, so you can definitely expect both install and id to be available on all full-blown Linux machines; and even on most embedded systems. It is what all package managers et cetera use to install files, you see.)
Above, I used the mode u=rwx,g=r-x,o=x (equivalently, 0751) as an example; it sets the mode to rwxr-x--x, i.e. grants access to everybody, with owner user and group being able to list the directory contents, and only the owner user being able to create new files or directories in it.
I have been using the Windows Subsytem for Linux for SPIN(Promela) for quite some time.
However, without any changes in the setup, suddenly since 28 Oct 2019, I am getting error 'Permission denied' error for '/usr/bin/spin'.
Other commands in the same location '/usr/bin/..' work just normally like earlier. I verified for clear, gcc -v, yacc -v and sudo apt install gcc.
The command location in WSL is under directory 'rootfs', which cannot be accessed using 'cd' or 'chmod'. So I do not know if it actually is a rights problem, because other commands in the same location work fine.
What is weird is that 'sudo apt install spin' says "spin is already the newest version (6.4.6+dfsg-2)." But 'spin -v' says "-bash: /usr/bin/spin: Permission denied"
The trivial solution given by Patrick seemed to work. ;)
Since there was this permission denied error for the file in rootfs/usr/bin removal was also not possible. So I first manually deleted the file from the location, followed by sudo apt remove spin and then 'sudo apt install spin'.
Now spin seems to work just fine.
I'm just starting to learn code (python) and so learning how to use the terminal...
Often I've got permission errors when I try to install packages and libraries. Each time I can solve it by using 'sudo' but I don't really understand what sudo does that pip does not.
Can someone help me to understand please? Is there something wrong in my configuration or system? I get that I don't have the permission to install package I need but I don't know why.
"sudo allows a permitted user to execute a command as the superuser or another user, as specified by the security policy." (sudo manual)
There are some directoryes you need administrator privileges to have read/write access. When executing pip with sudo, the installer will have the permission needed to install some packages. Probably there's nothing wrong with your system or configuration! ^^
I recently updgraded MacPorts from 1.9.2 to 2.0.3. Since then, I've lost the ability to run as sudo.
sudo: can't stat /opt/local/etc/sudoers: No such file or directory
sudo: no valid sudoers sources found, quitting
Unsure if these are related, but I'm wondering what the best course of action is at this point.
port installed returns
sudo #1.7.4p2_0
sudo #1.7.7_0 (active)
Further investigation suggests I've installed MacPorts' sudo without an accompanying /opt/local/etc/sudoers file. I've managed to create such a file using visudo, copying the content of /etc/sudoers, chmod to 0440 and ownership to root:wheel.
I guess the question now is whether I should use MacPorts' sudo or uninstall it? And how did I end up with installing the MacPorts' sudo?
Not a Mac man myself, but have a look at this page:
http://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/man5/sudoers.5.html
...and also a look at the man page for visudo, which is used to edit the sudoers file:
http://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/man8/visudo.8.html#//apple_ref/doc/man/8/visudo
I'm programming application using libpcap. when I debug the application in normal mode, pcap cannot get the network device. it seems that I have to debug the application in root.
How can I debug the application in root? I have the root password.
I think eclipse has such an option that can add root for the debugging application,but I don't know how to do it.
please help.
Enable your user to run gdb as root without being asked for any
password:
sudo visudo
Add the following line after all other rules:
<youruser> ALL=(root) NOPASSWD:/usr/bin/gdb
Create or modify a debug configuration in eclipse to run gdb as root
e.g. in Run > Debug Configurations > C/C++ Application > YourProject Debug:
change Debugger > Main > GDB debugger from gdb to sudo -u <youruser> gdb
Update (and warning!):
In his comment nategoose pointed out that this answer should come with a warning:
Enabling a user to use sudo for gdb like suggested in my answer in fact gives admin privileges to him/her which in many cases might be an undesired side effect. I therefore consider the answer appropriate in an environment where it's not assumed that the user would try to harm the system (e.g. it's your own personal computer or a virtual machine)
For a multi-(non-trusted)-user environment I think it might be a better idead to utilize unix' file capabilities to enable gdb to debug an application without the need of admin privileges
You can use gdbserver on localhost to attach a existing process, the following is the command line:
sudo gdbserver :<listening port> --attach <pid>
Or you can create a new process using gdbserver:
sudo gdbserver :<listening port> <process executable>
Then you can create a debugging configuration in Eclipse, in the debugger tab, the debugger item, select gdbserver, and input the listening port in the connection tab in the bellow.
Launch Eclipse with sudo (just for completeness: http://www.eclipse.org/forums/index.php?t=msg&goto=516838&)
Update: Follow xmoex solution. If you run Eclipse as root (ie. using sudo) your files will be root-owned... which you probably don't want.
Another solution is to grant you (or the gdb executable) the rights to make some pcap captures as mentioned here. With something like this :
setcap cap_net_raw,cap_net_admin=eip /usr/bin/gdb
you should be able to allow to capture packets to gdb without being root.
Here's how I did it:
Create a C/C++ Remote Application
On the target, make sure your sudo does not prompt for a PW
Look at Debug Configurations → Debugger → Port number
Edit Debug Configurations → Main → Commands to execute before application
Change to:
sudo gdbserver :<port number> <path to application>;exit #
This will basically run the gdbserver that would normally be executed by eclipse inside the sudo, the trailing '#' will keep the eclipse command from executing.
this question was asked a long time ago but if this will help to anybody I open a bug in bugzilla and this short thread solved the problem:
bugzilla bug
From the console in the directory with your executable:
sudo gdb ./my_program
If eclipse supports remote debugging then you could do that even though it is running locally.
From the console:
sudo gdbserver localhost:<port_number> ./my_program
And then tell Eclipse the address (localhost and the port number you chose).
Oh yeah, you said the reason you were doing this was because you were using libpcap, so you may not want to use remote debugging over TCP because you may end up capturing your debugging connection packets in addition to your other network traffic.
In that case you do your remote (but really local) debugging over a serial port. I have never done this on a local machine, but you could use two actual serial ports (attaching them though a null modem) or try using a psudoterminal:
sudo gdbserver /dev/ptmx ./my_program
This will create the psudo-terminal under /dev/pts/ but you'll have to figure out the name of it, and it might also create it with restrictive permissions. You can get around those. Unless you are running lots of terminal windows as root, it is not likely that you have many entries under /dev/pts that belong to root, so take note of the one that does after running the above command and then sudo chmod or sudo chown it to make it usable for your normal user and then tell your debugger to use that as your serial connection to your remote debugging target.
easiest way, try sudo ./eclipse, then debug as usual