[英]Programmatically drop Linux cache as non-root user
For testing purposes, I can drop cached memory by writing to the drop_caches file in Linux under the procfs. 出于测试目的,我可以通过在procfs下写入Linux中的drop_caches文件来删除缓存内存。 I can only do this as root.
我只能以root身份执行此操作。 This is on embedded Linux so there is no sudo.
这是在嵌入式Linux上,因此没有sudo。
sync; echo 3 > /proc/sys/vm/drop_caches
I can write to the file programmatically in c++ by doing something from the post --> How to programmatically clear the filesystem memory cache in C++ on a Linux system? 我可以通过以下方式在c ++中以编程方式写入文件 - > 如何在Linux系统上以编程方式清除C ++中的文件系统内存缓存?
sync();
std::ofstream ofs("/proc/sys/vm/drop_caches");
ofs << "3" << std::endl;
The challenge is wanting to do this while running the app as a non-root user. 挑战是希望以非root用户身份运行应用程序时执行此操作。 On reboot, the permissions look like:
在重新启动时,权限如下所示:
# cd /proc/sys/vm/
# ls -lrt drop_caches
-rw-r--r-- 1 root root 0 Feb 13 19:50 drop_caches
And you cannot seem to change those permissions - even as root: 你似乎无法改变这些权限 - 即使是root:
# chmod 777 drop_caches
chmod: drop_caches: Operation not permitted
# chown user:user drop_caches
chown: drop_caches: Operation not permitted
How can I accomplish this on Linux? 我怎样才能在Linux上实现这一目标? Is it possible to change permissions of a procfs file?
是否可以更改procfs文件的权限? I can fully customize my kernel if necessary.
如有必要,我可以完全自定义我的内核。 Thanks -
谢谢 -
You can create an auxiliary executable (be very careful, it is dangerous) which any user can run it with root permissions. 您可以创建一个辅助可执行文件(非常小心,它很危险),任何用户都可以使用root权限运行它。
This is called setuid . 这叫做setuid 。
For safety reasons, you cannot setuid
a shell script. 出于安全原因,你不能
setuid
shell脚本。
Extracting from the wiki how to use it: 从wiki中提取如何使用它:
The setuid and setgid bits are normally set with the command chmod by setting the high-order octal digit to 4 (for setuid) or 2 (for setgid).
通常通过将高阶八进制数设置为4(对于setuid)或2(对于setgid),使用命令chmod设置setuid和setgid位。 "chmod 6711 file" will set both the setuid and setgid bits (2+4=6)
“chmod 6711 file”将同时设置setuid和setgid位(2 + 4 = 6)
As @rici noted, you still will need to have execution permission to execute this process, so you can remove execution permission from others
and keep it only on group
. 正如@rici指出的那样,您仍然需要具有执行权限才能执行此过程,因此您可以删除
others
执行权限并将其保留在group
。 So, only who is member of the group can execute it. 因此,只有谁是该组的成员才能执行它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.