iopl() fails intermittently - ubuntu-14.04

I am working on a hardware device, where I have to do some GPIO operations.
At the start of my program, I invoke iopl(3). The executable is not root owned, but has capabilities set - cap_sys_rawio+eip. Though this works most of the times
sometimes the process fails with:
iopl: Operation not permitted
Is the capability insufficient ? I cannot run the program as root.
The device is running Ubuntu 14.04.2. dmesg / syslogs are not giving
any hints!
More details:
The start of my main has this:
if (iopl(3) != 0) {
perror("iopl");
assert(!"Failed to set privilege!");
}
Though this works most of the times, sometimes on the hardware platform
(Intel Atom based), this fails with perror printing iopl: Operation not permitted.

Knowing that you cannot run the program as root, I am guessing if you have tried:
chmod u+s /usr/bin/xinit
or if you have root access,
sudo chmod u+s /usr/bin/xinit
If no setuid has been set (considering running without sudo --since you have already root access)
sudo chown root $prefix/Xorg
sudo chmod u+s $prefix/Xorg

Related

Failed to open /dev/mem: Permission denied

Today, I tried to use this command on my raspberry Pi:
sox -t mp3 /home/pi/test.mp3 -t wav - | /home/pi/PiFmRds/src/pi_fm_rds -audio -
But I got this error message :
Failed to open /dev/mem: Permission denied.
Terminating: cleanly deactivated the DMA engine and killed the carrier.
sudo: ./sox : command not found
I've tried to place "sudo" before the command but I got the same error.
How can I resolve this please ? (and sorry if I did a mistake, I started playing with my raspberry today and this is also my first question on this website)
Thanks in advance !
Putting sudo in front of sox will not help you since I am pretty sure the error message "Failed to open /dev/mem" comes from pi_fm_rds. And that is still started without sudo.
You are actually executing two commands. sox is the first, and pi_fm_rds the second. You are sending the output of the first command to the second (via the pipe |).
To call pi_fm_rds with root access you can choose one of these three options:
Call pi_fm_rds with sudo
sox -t mp3 /home/pi/test.mp3 -t wav - | sudo /home/pi/PiFmRds/src/pi_fm_rds -audio -
Or add your user to the kmem group (which allows access to /dev/mem) - requires logout/reboot.
sudo usermod -a -G kmem userName
or make the program setuid root - or setgid kmem
chown root:root /home/pi/PiFmRds/src/pi_fm_rds
chmod u+s /home/pi/PiFmRds/src/pi_fm_rds

Accidentally did chown -R my.user:staff /usr in OS X

I was a happy guy until when, accidentally, I did this command in my Mac Os X (Yosemite 10.10.5) a few moments a go:
$ sudo chown -R my.user:staff usr/
Then, terribly, when I try to use sudo a horrible error occurs:
$ sudo su -
sudo: effective uid is not 0, is sudo installed setuid root?
Any one have any idea about how to solve these and save my life, please?
Obs: I can't open new terminals but I still have two terminals opened, one logged with my.user and other with root.
Maybe if you changed the owner to actually used by you user, you can change without sudo the ownership to root by chown -R root:root /usr?
I found this tutorial and it saved me from ruin:
Open Disk Utility, which is in the Utilities folder of your Applications folder.
Select the startup disk from the list of volumes.
Click the First Aid tab.
To check permissions, click Verify Disk Permissions. To repair permissions, click Repair Disk Permissions.
https://support.apple.com/en-us/HT201560

Script for logging in as user and executing another script

I need to run a set of commands after logging into a remote machine -
sudo su - weblogic
Enter password
sh /pathtofile.sh
The following approach doesnt do anything. It logs me into the server as weblogic but then does nothing. When I press Ctrl + C, it then executes sh/pathtofile.sh
ssh -t user#host 'sudo su - weblogic; sh /pathtofile.sh'
I have searched everywhere I could, but however I cannot find the right solution to this. Please help!
The test failed for the SUID or setuid for a script because on linux it is disable by default for script.
To use SUID you might want to create an binary executable which in turn starts the final script. SUID should work with binaries.
-- for reference --
Normal users on the system who have permission to execute this file gain the privileges of the user who owns the file.
sudo chown weblogic /pathtofile.sh
sudo chmod 4755 ./pathtofile.sh

How can I make a chgrp command optional in my install script?

I'm creating an install script for a Linux game. As part of the installation, I change the suid permissions of the game executable to the "games" group so that the game can update the highscore file even when its run by regular users.
Right now my Makefile.am looks like this:
AUTOMAKE_OPTIONS = foreign
SUBDIRS = src man
install-exec-hook:
chgrp games #bindir#/xjump
chmod +s #bindir#/xjump
mkdir -p #localstatedir#/xjump
touch #localstatedir#/xjump/record
chmod 660 #localstatedir#/xjump/record
chgrp games #localstatedir#/xjump/record
The problem I am having is that the chgrp command requires administrative privileges. If I am installing the game globally using sudo make install then its all works fine but if I change the prefix to somewhere in my home directory and try to do a regular make install it fails due to the chgrp
chgrp: changing group of ‘/home/hugo/Desktop/aaa/bin/xjump’: Operation not permitted
Since the locally installed version of the game only has a single player, I don't really need to do the chgrp thing. Is there a way to detect if the makefile is being run without root privileges and skip the permission changing? Or should I add a configuration flag to my configure script instead of trying to fix this permission issue automatically?
When the commands fail, you did not run as root. It seems nothing goes wrong, you just do not want the error messages.
You can see who you are, but the easiest solution is redirecting the output
Finish with true, so your step doesn't fail:
chgrp games #localstatedir#/xjump/record 2>/dev/null || true
If you run "whoami", you would be able to find out who the current user is.
runner=`whoami` ;
if test $$runner == "root" ;
then
chgrp games #localstatedir#/xjump/record
fi

How to give a directory back its sudo admissions/permissions?

I recently installed LAMP on my Ubuntu 14.04 laptop. But I didn't have full/root access to the files var/www and etc/apache2/sites-enabled/000-default.conf so I did some research to change permissions and admissions to the directory, using this command in the terminal:
sudo chown -R username:group directory
It worked perfectly. But now I can't do any sudo commands in the terminal. I wanted to restart the apache server but here is what it showed me:
sudo: /etc/sudoers is owned by uid 1000, should be 0
sudo: no valid sudoers sources found, quitting
sudo: impossible d'initialiser le greffon de règles
(my computer is in french btw).
What I want to know is how to set it back to sudo. I hope I explained myself good enough. If you need additional info that I didn't state please tell me. I will add it. Thnx.
Seems like you chown'd /etc/sudoers.
Try:
sudo chown root:root /etc/sudoers
Then if you want read/write privileges, see which group the folder /var/www belongs to (probably www-data)
To add yourself to the www-data group, try:
sudo useradd -a -G www-data yourUserName
Also, as a side note; be careful of recursive commands!!! If you're not sure what a command does, test it on a single file before making it recursive. For example:
DO NOT RUN THIS CODE, I DON'T INCLUDE SUDO ON PURPOSE SO YOU DONT HOSE EVERYTHING
rm -r /
Will delete everything inside / (a lot of stuff!)

Resources