Reputation: 181
Effective user id does not change after making the file owned by root
I'm currently reading a book on programming with C, I got to a part where I've got to write a program which will display the real uid and effective uid that the file is being executed on. After compiling the code with gcc, I input the command to see the current uOwner and gOwner ls- l id_demo the output is this:
-rwxrwxr-x 1 user user 8629 Sep 21 13:04 id_demo
I then execute the program itself, this is what I get:
real uid: 1000 effective uid: 1000
...so far so good. I then input a command to change the owner of the file:
sudo chown root:root ./id_demo
The ls -l confirms that the owner has been changed to root:
-rwxrwxr-x 1 root root 8629 Sep 21 13:04 id_demo
Again, executing the program shows real uid and uid as 1000. The last step after which the uid must be 0 is this: sudo chmod u+s ./uid_demo but for me they stay as 1000, where in the book the output is clearly show to be this:
real uid: 1000
effective uid: 0
Any ideas why is this happening?
UPDATE
id_demo source code:
#include <stdio.h>
int main ()
{
printf("real uid: %d\n", getuid());
printf("effective uid: %d\n", geteuid());
}
UPDATE 2 Screen shots
PLEASE HELP. I'm going crazy I spent 6+hour looking for the solution and I need to move on.
Upvotes: 6
Views: 2971
Answers (2)
Reputation: 393
We've figured it out. The cause is an ecryptfs-mounted home directory. The mount output contains the following line:
/home/evgeny/.Private on /home/evgeny type ecryptfs
That means that the home directory isn't actually part of the root filesystem (that has the necessary suid flag), but its own virtual filesystem that apparently doesn't support setuid binaries by default. I have successfully reproduced the issue with a test user that has an encrypted home directory.
It is possible to add the suid flag to the ecryptfs with the following command:
sudo mount -i -o remount,suid /home/evgeny
I'm not certain though how safe that is, nor how to change it permanently so that it would survive reboots.
Upvotes: 8
Reputation: 16406
This works for me:
compile
$ gcc uid_demo.c -o uid_demo
$ ll
total 12
-rwxrwxr-x 1 saml saml 6743 Sep 21 17:05 uid_demo
-rw-rw-r-- 1 saml saml 116 Sep 21 16:58 uid_demo.c
chown
$ sudo chown root:root uid_demo
$ ll
total 12
-rwxrwxr-x 1 root root 6743 Sep 21 17:05 uid_demo
-rw-rw-r-- 1 saml saml 116 Sep 21 16:58 uid_demo.c
chmod
$ sudo chmod u+s uid_demo
$ ll
total 12
-rwsrwxr-x 1 root root 6743 Sep 21 17:05 uid_demo
-rw-rw-r-- 1 saml saml 116 Sep 21 16:58 uid_demo.c
run
$ ./uid_demo
real uid: 500
effective uid: 0
Upvotes: 2
Related Questions
- Why is setuid not running as the owner?
- RealUID, Saved UID, Effective UID. What's going on?
- Confused: File ownership changed with setuid special permission flag
- Effective UID doesn't behave as expected
- setuid not changing uid
- Program still able to open root only files after setuid and setgid
- Executable with set-user-ID-on-execution option doesn't set effective uid
- set-UID bit not working as intended
- Why my own suid-ed program still holds the original uid?
- files owner:group doesn't change at location /proc/<pid>/ after setuid()?