[mythtv-users] SUID not working
Daniel Segel
mythtv at archer-segel.com
Thu Nov 3 23:07:21 EST 2005
Louie Ilievski wrote:
> On Thursday 03 November 2005 06:20 pm, huffman at graze.net wrote:
>
>> I'm running FC4, but disabled selinux on install. However, even when I make
>> mythfrontend SUID root, and select realtime priority, it does not use it
>> when it starts.
>>
>> The only way that realtime priority works is if I add mythtv to sudoers and
>> then run mythfrontend from sudo. However, I'd like to make this work using
>> SUID.
>>
>> Any ideas?
>>
>
> It's nice to know I'm not the only one with this issue. I thought it might
> have something to do with Gentoo, but I guess not. I brought this issue up a
> while back (you can search the lists), but did not really discover a
> solution, only possible workarounds. I have tried a lot of things but MythTV
> just won't take it.
>
> Unfortunately I don't have any solution for you, but just wanted to let you
> know that you're not the only one. At the time I'm simply re-nicing the
> mythfrontend process to -19 in my startup scripts.
>
I can answer this for Gentoo, and maybe FC4 as well. The command
everybody is told to use to apply the SUID bit is 'chmod a+s
mythfrontend', and while this *should* apply the SUID bit to the User,
Group, and Other bits, in fact it only applies it to the User and Group
bits. It's probably designed that way so you don't open up permissions
to guest accounts and whatnot.
The reason this is a problem is because the mythfrontend binary is
frequently installed with user:group set to root:root, and if you launch
it as a regular user then you're really launching it via the 'other'
bits. The solution is to 'chown root:users mythfrontend' and then do the
chmod a+s thing to it again. now if you launch it as a regular user (as
long as they are in the users group) it should run as root, with root
priority.
Daniel
More information about the mythtv-users
mailing list