当程序需要以 sudo 运行时,读取 ~/.config 下的程序配置文件
[英]Read program's config file under ~/.config when program needs to run as sudo
问题描述
I'm building a program in C that reads it's configurations from the user's config directory and it gets the ~ path using getenv("HOME") .
我正在 C 中构建一个程序,它从用户的配置目录中读取它的配置,并使用getenv("HOME")获取~路径。 Since this program needs root privileges if I run it as a sudo the getenv("HOME") changes and I can't read the configurations file under ~/.config .由于如果我以sudo运行该程序需要 root 权限,因此getenv("HOME")会发生更改,并且我无法读取~/.config下的配置文件。
Right now I have 2 ideas in my mind how can I do that:现在我有两个想法我该怎么做:
- To change the ownership of the program to root, then give it suid permission for user, which I think is not very recommended since it can cause vulnerabilities.将程序的所有权更改为root,然后给它用户suid权限,我认为不太推荐,因为它可能会导致漏洞。
- To run program with
sudo, get the name if the logged user usinggetlogin()then I can make the~path by gluing/home/getlogin() return address/.要使用sudo运行程序,如果登录用户使用getlogin()获取名称,那么我可以通过粘贴/home/getlogin() return address/来制作~路径。 Bu the truth I'm a little bit afraid of this solution and I don't know how relevant it is.但事实上我有点害怕这个解决方案,我不知道它有多相关。
So I'm here guys to ask for some ideas if that possible.因此,如果可能的话,我在这里寻求一些想法。
Thanks for you time.谢谢你的时间。
Update:更新:
Maybe it is good to note that the specific part which requires the root privileges is the part of the code which executes program that requires these privileges from /usr/bin using a function that forks from parent process then execute the program using execv() .也许需要注意的是,需要 root 权限的特定部分是执行程序的代码部分,该程序需要/usr/bin使用 function 从父进程派生然后使用execv()执行程序。
1 个解决方案
解决方案1
0 2021-03-24 13:59:40
So for everyone who will face the same problem I managed to get an solution for executing program from /usr/bin/ without technically prepending sudo at the beginning of the program which will change the getenv("HOME") path.因此,对于将面临同样问题的每个人,我设法从/usr/bin/中获得了执行程序的解决方案,而无需在程序开头技术上预先添加sudo ,这将改变getenv("HOME")路径。
So lets say I have this function that forks and run a program:所以假设我有这个 function 分叉并运行一个程序:
/*
*This function will fork the parent process to create a
*child process then execute commands using one of the exec
*familie's functions. Return -1 for fork failure, 1 for execv()
*failure, otherwise 0.
*/
int exec_command(const char *prog_name, char *commands[]) {
char prog_path[strlen("/usr/bin/")+strlen(prog_name)];
int status;
pid_t pid;
pid_t ret;
sprintf(prog_path, "/usr/bin/%s", prog_name);
pid = fork(); //Create a new child process
if(pid == -1) {//If failed to create new child
fprintf(stderr, "An error occured while creating a child process.\n");
return -1;
}
else if(pid != 0) { //If child process didnt start
while((ret = waitpid(pid, &status, 0)) == -1) { //Wait for child
if(errno != EINTR) { //If the waitpid() error isnt an interrupte signal
fprintf(stderr, "An error occured while waiting for the child process.\n");
return -1;
}
}
}
else
if(execv(prog_path, commands)==-1) //If command wasnt found
return 1;
return 0;
}
And for example I want to install a package using pacman (which obviously requires root privileges), I can do something like this:例如,我想使用pacman安装 package(显然需要 root 权限),我可以这样做:
int main() {
char *command[] = {
"sudo", "pacman", //Sudo is the program name, pacman is the program i want to execute using sudo.
"-S", "package_name", NULL
};
exec_command(command[0], command);
return 0;
}
This way I manged to execute program that requires root privileges without prepending sudo when executing my program which gives me the chance to get user's home path before calling the exec_command() because sudo won't be executed before this point.通过这种方式,我可以在执行我的程序时执行需要 root 权限的程序而无需预先添加 sudo,这使我有机会在调用exec_command()之前获取用户的主路径,因为在此之前不会执行sudo 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.