Spawned processes
Todd C. Miller
Todd.Miller at courtesan.com
Sat Jan 22 16:00:22 EST 2000
In message <200001212244.QAA24734 at drawbridge.damark.com>
so spake "heather.scrutton" (heather.scrutton):
> How does sudo handle spawned processes?
> I currently have a couple of processes, perl scripts, that call other
> procedures, including su's to other users, and su's to other users on other
> systems.
Sudo sets the real, effective, and saved uids to the target user
(root by default) before exec'ing the program. Therefore, any
process invoked thereafter should also run as root unless the
program in question makes other arrangements (since it is running
as root it could certainly change its uid).
> These processes are failing due to permissions issues - is there any good
> way to try to make this work, or something in sudo that I'm missing? The
> users have sudo abilities for the script itself. I was under the impression
> that subsequent processes and shells, called by the sudo'd program, would
> also run as root.
It's not uncommon to run afoul of NFS when dealing with permissions
issues and programs running as root. By default, when you export/share
an NFS filesystem the root uid gets mapped to an unpriviledged user
(usually -2). This can show up as 'permission denied' errors while
reading/writing from/to an NFS partition. Things like 'su' would
not be affected however.
- todd
More information about the sudo-users
mailing list