Can anyone tell me where to find a list of valid suid/guid programs on Linux, ideally Ubuntu?
Note I can use find to get a list of suid/sgid programs on my machine, but I want to know if they are real valid programs; is there a list I can compare them against?
One answer (from Rmano on askubuntu, ) is copied below:
One idea - but will need a bit of work in scripting --- be my guest ;-)
Find a suid/sgid file; let's call it scommand
Check from which package has been installed:
dpkg -S /full/path/to/scommand
Compare its permission with the original deb package, by firstly downloading the package:
apt-get download package
Check if the command should have the suid set in the package with
dpkg -c package*deb | grep /full/path/to/scommand
cleanup, rinse, repeat.
Example:
[romano:~/tmp] % ls -l /bin/passwd
ls: cannot access /bin/passwd: No such file or directory
[romano:~/tmp] 2 % ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 47032 Feb 17 2014 /usr/bin/passwd
[romano:~/tmp] % dpkg -S /usr/bin/passwd
passwd: /usr/bin/passwd
[romano:~/tmp] % apt-get download passwd
Get:1 http://archive.ubuntu.com/ubuntu/ trusty/main passwd amd64 1:4.1.5.1-1ubuntu9 [755 kB]
Fetched 755 kB in 1s (487 kB/s)
[romano:~/tmp] % dpkg -c passwd*.deb| grep /usr/bin/passwd
-rwsr-xr-x root/root 47032 2014-02-17 03:42 ./usr/bin/passwd
Try this little script I wrote that searches the entire online archive of Ubuntu (or Debian or anything else that uses apt and dpkg, really):
PKG=$(apt-cache search . | cut -f 1 -d ' ');
echo $PKG | xargs apt-get download;
F=(`find *.deb`); for i in ${F[#]};
do dpkg -c $i | cut -c 4- | grep ^s | cut -c 4- | cut -f 2 -d '.';
done | tee suid_root;
Note that this takes a lot of disk space and bandwidth and isn't very optimized.
Related
I'm currently trying to install mono using dpkg, and all the other files within the same folder using apt-get, I know I need to use some form of this:
sudo grep 'mono' | dpkg -R --install >/dev/null
however there are too many unknowns for me to complete it and fill in whatever blanks there may be, any help would be greatly appreciated!
Try this:
ls | grep "mono" | sudo xargs dpkg -R --install >/dev/null
The ls will only give files from the current directory. You could also use ls -d *mono* instead of the ls and grep, but I think the ls and grep is easier to understand
The grep is as you had, but now has input from the ls to grep on. You can try ls | grep "mono" to see what files it selects.
Then the sudo is moved to the dpkg part of the script to make dpkg run as root. The way you had it grep runs as root and dpkg as your user
The xargs will take whatever input you had, and put it after the next command. It will take command line length limits in account and execute multiple dpkg commands if the command line gets too big. Note that if your files have spaces in their names, xargs will see the space as start of a new file and you will have problems. There are solutions to that, but really, the easiest solution is to have no files with spaces.
In this example, lets say there are 2 files from the grep "mono1.deb and "mono2.deb" the command executed will be dpkg -R --install mono1.deb mono2.deb. If for some reason you want only one deb per dpkg execution you can change it to ...xargs -n1 dpkg... and it will run dpkg -R --install mono1.deb and also dpkg -R --install mono2.deb
The >/dev/null make sure you won't get any output. Note that you will still get the errors though!
This is my attempt using wget to pull down the web page, dig for latest tar file and rerun a wget to take it down. In the example, i'm taking down pip.
wget https://pypi.org/project/pip/#files
wget $(grep tar.gz index.html | head -1 | awk -F= '{print $2}' | sed 's/>//' | sed 's/\"//g')
gunzip -c $(ls | grep tar |tail -1) | tar xvf -
yum install -y python-setuptools
cd $(ls -d */ | grep pip)
python setup.py install
cd ..
I'm sure that there is a better way, perhaps only using one wget or similar
Do you mean like that?
wget $(curl -s "https://pypi.org/project/pip/#files"|grep -o 'https://[^"]*tar\.gz')
I'm building an RPM with my own code and am running into an issue where the RPM is hanging when I install it with yum if I try to launch something as part of the post-install script. For some background, this is a virtual appliance where we've replaced the shell with a program with minimal configuration options. Previously, I couldn't get the program to load via the post-install options in my spec file; it causes the 'installing' line during a yum install to hang. I put a bandaid on it by having a reboot occur. I need this menu to load after installation, but everything I've tried results in yum hanging on the 'installing' line. My latest attempt; using the trap command, causes the same hang. Does anyone have any other ideas?
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}
%description
Installs the program.
%prep
%setup -q
%install
rsync -ar /home/makerpm/rpmbuild/BUILD/%{name}-%{version}/ /home/makerpm/rpmbuild/BUILDROOT/%{name}-%{version}-%{release}.x86_64
find $RPM_BUILD_ROOT -not -type d -printf "%%%attr(%%m,root,root) %%p\n" | sed -e "s|$RPM_BUILD_ROOT||g" > %{_tmppath}/%{name}_contents.txt
%clean
rm -rf ${RPM_BUILD_ROOT}
rm -rf %{_tmppath}/*
rm -rf ${RPM_BUILD_DIR}/*
%changelog
* Sun Jan 25 2014 - %{version} - Modified menu with trap ability so the first reboot isn't required.
%post
function finish {
/bin/launcher
}
chmod 755 /bin/launcher
cat /etc/shells | grep "/bin/launcher"
if [ $? -eq 1 ]
then
echo "/bin/bash" >> /etc/shells
fi
chsh -s /bin/launcher root
trap finish EXIT
#List of all files to be extracted
%files -f %{_tmppath}/%{name}_contents.txt
How to put a text string from file to the end of a command?
What I want to is to use sudo dpkg -i with | or < or > (or whatever else) to input the strin from file in which would be the package names. To demonstrate it:
$ ls
file pkg1.deb pkg2.deb pkg3.deb pkg4.deb
$ more file
pkg1.deb pkg3.deb
$ sudo dpkg -i < file
and the installation of the selected packages should run.
Info: I am using Ubuntu 13.10 i386
$ sudo dpkg -i $(<file)
ought to work, assuming that dpkg -i can take multiple package names (don't have a debian box around to check). If not:
for X in $(<file) ; do sudo dpkg -i "$X" ; done
Is there an equivalent to tree on CentOS?
If tree is not installed on your Centos system (I typically recommend server setups to use minimal install disk anyhow) you should type the following at your command line:
# yum install tree -y
If this doesn't install it's because you don't have the proper repository. I would use the Dag Wieers repository:
http://dag.wieers.com/rpm/FAQ.php#B
After that you can do your install:
# yum install tree -y
Now you're ready to roll. Always read the man page: http://linux.die.net/man/1/tree
So quite simply the following will return a tree:
# tree
Alternatively you can output this to a text file. There's a ton of options too.. Again, read your man page if you're looking for something other than default output.
# tree > recursive_directory_list.txt
(^^ in a text file for later review ^^)
You can make your own primitive "tree" ( for fun :) )
#!/bin/bash
# only if you have bash 4 in your CentOS system
shopt -s globstar
for file in **/*
do
slash=${file//[^\/]}
case "${#slash}" in
0) echo "|-- ${file}";;
1) echo "| |-- ${file}";;
2) echo "| | |-- ${file}";;
esac
done
As you can see here. tree is not installed by default in CentOs, so you'll need to look for an RPM and install it manually
Since tree is not installed by default in CentOS ...
[user#CentOS test]$ tree
-bash: tree: command not found
[user#CentOS test]$
You can also use the following ls command to produce almost similar output with tree
ls -R | grep ":$" | sed -e 's/:$//' -e 's/[^-][^\/]*\//--/g' -e 's/^/ /' -e 's/-/|/'
Example:
[user#CentOS test]$ ls -R | grep ":$" | sed -e 's/:$//' -e 's/[^-][^\/]*\//--/g' -e 's/^/ /' -e 's/-/|/'
.
|-directory1
|-directory2
|-directory3
[user#CentOS directory]$
You have tree in the base repo.
Show it (yum list package-name):
# yum list tree
Available Packages
tree.i386 1.5.0-4 base
Install it:
yum install tree
(verified on CentOS 5 and 6)
I need to work on a remote computer that won't allow me to yum install. So I modified bash-o-logist's answer to get a more flexible one.
It takes an (optional) argument that is the maximum level of subdirectories you want to show. Add it to your $PATH, and enjoy a tree command that doesn't need installation.
I am not an expert in shell (I had to Google a ton of times just for this very short script). So if I did anything wrong, please let me know. Thank you so much!
#!/bin/bash
# only if you have bash 4 in your CentOS system
shopt -s globstar # enable double star
max_level=${1:-10}
for file in **
do
# Get just the folder or filename
IFS='/'
read -ra ADDR <<< "$file"
last_field=${ADDR[-1]}
IFS=' '
# Get the number of slashes
slash=${file//[^\/]}
# print folder or file with correct number of leadings
if [ ${#slash} -lt $max_level ]
then
spaces=" "
leading=""
if [ "${#slash}" -gt 0 ]
then
leading=`eval $(echo printf '"|${spaces}%0.s"' {1..${#slash}})`
fi
echo "${leading}|-- $last_field"
fi
done