[英]How to start Java program as root but downgrade to non-root user
I am writing a Java program which will be running on Linux servers. 我正在编写一个将在Linux服务器上运行的Java程序。 The program needs to start as "root", do a certain operation (reading a file), and then downgrade itself to a non-root user, after the file has been read and closed.
程序需要以“root”身份启动,执行某项操作(读取文件),然后在读取并关闭文件后将其自身降级为非root用户。
I read through the following questions, but I haven't found a viable solution - especially since I am not dealing with http ports. 我阅读了以下问题,但我没有找到可行的解决方案 - 特别是因为我没有处理http端口。
https://askubuntu.com/questions/62713/how-to-downgrade-user-permissions-on-a-java-app-after-opening-port-80-443 https://askubuntu.com/questions/62713/how-to-downgrade-user-permissions-on-a-java-app-after-opening-port-80-443
https://serverfault.com/questions/112795/how-can-i-run-a-server-on-linux-on-port-80-as-a-normal-user https://serverfault.com/questions/112795/how-can-i-run-a-server-on-linux-on-port-80-as-a-normal-user
Running a part of a Java Program as Root 以Root身份运行Java程序的一部分
Any ideas on how to implement what I am trying to do? 关于如何实现我想要做的事情的任何想法?
SOLVED: As suggested in the answer, JNA did the trick for me. 解决: 正如答案所示,JNA为我做了诀窍。
Unfortunately there is no way to do this in pure Java. 不幸的是,在纯Java中没有办法做到这一点。
But you can use JNI or JNA to call setuid
system function. 但是您可以使用JNI或JNA来调用
setuid
系统函数。
For instance, you may reuse jetty-setuid
package for doing so: JAR + Native library . 例如,您可以重复使用
jetty-setuid
包: JAR + Native库 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.