Reputation: 1100
Sudo Java calling C app and Permissions
I am calling a C application (console only) from my Java application. I am calling it with: Process proc = rt.exec("./Debug/CPP_CL --device 0"); The CPP_CL needs access to clinfo() hardware .. so the GPU hardware as its processing on the GPU's. Hence, in this case needs to run as sudo/root.
Its all working fine at the moment but only if I run the Java JAR as sudo. Currently for testing only the CPG is chmod 777 (I know bad).
What I would like to know is what’s the best way to do this ? Will the CPP run as SUDO if called by SUDO java ? Or does it need to be chmod'ed ? If so what’s the best chmod value ?
Thanks.
Upvotes: 1
Views: 91
Answers (2)
Reputation: 1100
Answer:
This worked.. I was able to sudo from Java and with the above no PWD is required for that application.
Upvotes: 0
Reputation: 11434
Running Java with root is, as you said, one possibilty, but not exactly good.
The usual chmod flags (rwx) too won´t help you.
Just call it with a sudo won´t solve anything. Usually, a password is required, and if the java program can enter it (ie. it knows the root password) ... well, then it´s the same as above again.
As said in the comments, you can add a exception to sudo, but there are some catches:
You can only specify a program/script file, but no parameter limitation. You will need a script file which calls ./Debug/CPP_CL --device 0 (better with full path) and add the batch file as exception.
Furthermore, you have to make sure that the script file can´t be modified by users (chmod of the file) and can´t be deleted (chmod of the containing directory). File modification would mean that the modifying user can put anything in it and run it as root, and deletion would let the user place another file there with this name = same effect. Given that, you can call with with sudo.
If you wnat to call it without sudo, make another script file which just calls file 1 with sudo.
Another possibility is the special chmod flag SUID on the program itself (if it is enabled/supported in your distro). But here again, you can´t limit the parameters.
About the data files: A file created by a root program will be owned by root. chmod/chown as root can change that. If you only need to read the file, default umasks will allow that on many systems (if the files are in not-only-root-directories like /root)
Upvotes: 1
Related Questions
- Call a Java program from a C program in Linux
- How do I run a Java program from a C program?
- File Permission issue javac
- Want to run C program exectable from java
- Netbeans permission denied when running programs in ubuntu
- assigning linux capability to one java process
- How to run your java app using Sudo on MAC OS X
- sudo permission problems in c program
- Java and C integration - running an app
- Java application permissions