Spawned processes

Todd C. Miller Todd.Miller at
Sat Jan 22 16:00:22 EST 2000

In message <200001212244.QAA24734 at>
	so spake "heather.scrutton" (heather.scrutton):

> How does sudo handle spawned processes?
> I currently have a couple of processes, perl scripts, that call other
> procedures, including su's to other users, and su's to other users on other
> systems.

Sudo sets the real, effective, and saved uids to the target user
(root by default) before exec'ing the program.  Therefore, any
process invoked thereafter should also run as root unless the
program in question makes other arrangements (since it is running
as root it could certainly change its uid).

> These processes are failing due to permissions issues - is there any good
> way to try to make this work, or something in sudo that I'm missing?  The
> users have sudo abilities for the script itself.  I was under the impression
> that subsequent processes and shells, called by the sudo'd program, would
> also run as root.

It's not uncommon to run afoul of NFS when dealing with permissions
issues and programs running as root.  By default, when you export/share
an NFS filesystem the root uid gets mapped to an unpriviledged user
(usually -2).  This can show up as 'permission denied' errors while
reading/writing from/to an NFS partition.  Things like 'su' would
not be affected however.

 - todd

More information about the sudo-users mailing list