setuid: operation not supported
Question
package main
import (
"log"
"syscall"
)
func main() {
setuidErr := syscall.Setuid(0)
if setuidErr != nil {
log.Fatal(setuidErr)
}
}
When I run above code, I get the following error:
operation not supported
exit status 1
go version: 1.15.5
Can anyone help me?
2 answers
solution1
2 ACCPTED 2020-11-19 09:38:06
Here is a quote from the official documentation
On Linux Setuid and Setgid only affects the current thread, not the process. This does not match what most callers expect so we must return an error here rather than letting the caller think that the call succeeded.
A possible solution is in this commit
solution2
1 2021-03-02 16:18:34
syscall.Setuid() is fixed in go 1.16 on Linux. You can download go 1.16 as follows:
$ go get golang.org/dl/go1.16
$ ~/go/bin/go1.16 download
Try compiling with:
$ ~/go/bin/go1.16 build prog.go
You will get a different error: "operation not permitted". This is the kernel preventing trivial privilege escalation...
You want to do one or the other of:
$ sudo /sbin/setcap cap_setuid=ep ./prog
Or,
$ sudo chown root ./prog
$ sudo chmod +s ./prog
Now, when you run the command it won't log the error:
$ ./prog
$ echo $?
0
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.