Using d-bus to start root binaray with usr binary
-
Hello,
i have an embedded linux system where i have 2 or more processes which are running parallel. One of these processes is a root process. Now i have to send a message from a non root process to the root process, which shall call one of its functions. in this case just print out a qDebug() - just for testing.
I have been instructed to use QDBusConnection.
I have absolutely no Idea how to solve this...
Hope anyone can help me :-) -
@d-rein You should start here if you want to use DBus: https://doc.qt.io/qt-5/qtdbus-index.html
-
@d-rein said in Using d-bus to start root binaray with usr binary:
But is it possible to advise a root process to do somethang as local user process? Or very complicated?
It's "complicated", unless you know about
seteuid()
et al. and how to use them :)I know nothing about "DBusses" :) But if your message is, say, something across a socket connecting two processes, it is "OK" for one process to run as root and the other to run non-root, nothing actually forbids that. Of course, you do have to be careful that if a root process is asked to do something, particularly by a non-root process, the action is "safe". For example, if the root process received a message containing an arbitrary OS command from another process, and the other process sent
/bin/rm -fr /
, it wouldn't be very good if the root process did execute that...! -
@jsulm Yes on my system i have 15 processes running parallel. At the moment, if you log into the system you have root. What i have to do is the change this so when i user is logging in he has only user privileges. There is just on process that needs root privileges. The networkmanager. This is the process i have to advice to do something
-
It's "complicated", unless you know about
seteuid()
et al. and how to use them :)No. I dont know anything about it. But this can be changed :-)
And yes the connection to my systeem is over a websocket and shall start a non root process. actually we already use dbus in our system. But actuelly every process is started by a root user. So there is no problem but we want to change all except one to non root and just allow on process to run with root privs
-
@d-rein said in Using d-bus to start root binaray with usr binary:
But actuelly every process is started by a root user
How exactly do you start these processes? Do you use systemd?
-
@d-rein In that case you can specify the user the process should use in its service file, see https://askubuntu.com/questions/676007/how-do-i-make-my-systemd-service-run-via-specific-user-and-start-on-boot
"You can specify the directives User= and Group= in the [Service] section of the unit file.".