Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Dear keepers of wisdom,

I'm trying to write a perl program to allow users to mount removable media and Samba shares into their own home directory. The script shall enforce certain options and will not allow file systems, which cannot be squashed to the user, i.e. support uid,gid options. The program has suid root and uses the perl-suid interpreter. The system is a Debian Lenny Linux.

The program basically works nicely, except for a crucial detail

user$ ./hmount --usb= ~/mnt
     Real uid: 1000
Effective uid: 0
whoami> root
INFO: Attached sda: (sda1 sda2 sda3) on USB bus 16:0:0:0
mount: only root can do that

[download]

As can be seen from the debugging output EUID is 0, which is confirmed by a forked whoami. mount obviously considers the program as non-root. This is how I call this mount:

system("$cmd_mount -t $fs -o $mand_opt $dev $mountpath");

Since Google produces a lot of hits indicating that Perl shall be the choice for such mount scripts, but does not produce a good example, I guess that this issue should be nothing principle.

Could you initiate me to the blessings of perl-suid?

Replies are listed 'Best First'.
Re: why does perl-suid not mount
by moritz (Cardinal) on Nov 10, 2010 at 10:14 UTC
[reply]
      why does perl-suid not mount

      For fear of having a bucket of water thrown over it by Mary Whitehouse ?

      Sorry :-)

      Cheers,
      Rob
[reply]

      If suidperl is deprecated, is there any successing concept for writing suid programs? Or will I have to write C code?

[reply]

        See perlsec. It also contains the 5 lines of C code you need to write to get a suid-launcher for your script.

[reply]
Re: why does perl-suid not mount
by zentara (Cardinal) on Nov 10, 2010 at 12:18 UTC
[reply]

      setcap was worth a try.

      # install -o root -g users -m 750 /home/lh/prog/hmount/hmount.pl /home
+/lh/prog/hmount/hmount
# setcap cap_dac_override,cap_sys_admin+ep /home/lh/prog/hmount/hmount

      [download]

      I'm not proficient with the capability system, but these caps were proposed for the mount command in the link that you supplied. The effect was similar and still mount denies its service:

      ~/prog/hmount$ ./hmount --usb= ~/mnt
     Real uid: 1000
Effective uid: 1000
whoami> lh
INFO: Attached sda: (sda1 sda2 sda3) on USB bus 17:0:0:0
mount: only root can do that

      [download]

      sudo on the other hand does not transport the real uid to the program, does it? So the program cannot determine what the $home of the real user may be, i.e. where mounting is deemed to be allowed.

      Anyhow, thanks for theese ideas.

[reply]
[d/l]
[select]
        So the program cannot determine what the $home of the real user may be...
        sudo normally sets $SUDO_UID and $SUDO_USER to the calling (original) user, which you could query in your script.
[reply]
[d/l]
[select]
Re: why does perl-suid not mount
by JavaFan (Canon) on Nov 10, 2010 at 12:41 UTC
    There might be a check somewhere not only for the EUID, but also for the UID. Try setting $< = 0, or by using POSIX::setuid.

    Having said that, you may want to get rid of perl-suid, as it has been deprecated for some time, and gotten rid of in 5.12. You're probably better of either using sudo, or putting the appropriate magic in your /etc/fstab so a file system can be mounted by a non-root user. For instance, on my home boxes, I have: 

    /dev/sdb1      /mnt/sdb1     auto    use    0 0
/dev/sdb2      /mnt/sdb2     auto    user   0 0

    [download]
    in my /etc/fstab file, allowing a non-root user to mount usb devices.
[reply]
[d/l]
[select]

      $< = 0 made it, at least until perl 5.12. I had not expected that I was allowed to do that, so I didn't try this obvious step.

      Thanks a lot!

      Unfortunately, neither sudo nor fstab can help. It is required that user A cannot access the media of user B. fstab solutions would at best bind a user to some device node, which is determined by the order of plugging the device and does not relate to users.

      In principle I could define a whole bunch of sudo rules per user, but this would require to rewrite the /etc/sudoers on all systems, whenever the central user LDAP changes. Such things tend to be unmaintainable.

[reply]
        If sudo or fstab won't help, you are probably at the point of having to make a special group, whose purpose it is to run that script/device. Then add that group to allowed users.

        This is from memory, but I'm sure Ubuntu allows it's users to run mount via sudo 

        sudo mount -t ext4 ....etc,etc

        [download]
        so I don't think any sort of filesystem permission checking stops mount by non-root users. Ubuntu may even have a group called mount. ?
        I'm not really a human, but I play one on earth.
        Old Perl Programmer Haiku ................... flash japh
[reply]
[d/l]
Re: why does perl-suid not mount
by andal (Hermit) on Nov 10, 2010 at 15:19 UTC

    I would create simple C program that attempts to do specified mount (it shouldn't be more than 30 lines of code) and then try to run it as root and after that as normal user with setuid bit set. Just to see if mount really refuses to do it just because the setuid bit is involved. At the end of the day you may use this simple C-wrapper instead of direct call to mount :)

[reply]

Back to Seekers of Perl Wisdom