I am trying to write code that will listen for messages and force an NTP sync (using the ntpdate command) each time it gets a message.
The code is written in C++, on Ubuntu 14.04, and runs OK. But the system command fails each time, because it does not have root privileges.
This code is supposed to start automatically when the system boots up, so I can't just run the executable with "sudo".
After searching the internet, the only solution I found was to log in as root user, but this will compromise security.
I know the ntp daemon process runs with root privileges, but I am not sure how it is implemented.
Do you know of any way I can run c++ code with root privileges without compromising security?
The NTP daemon runs with root privileges because it is started under the root account.
Generally, programs which run as daemons are started under the root account; some of them drop root privileges voluntarily by calling setuid(), seteuid(), etc.
You can always make a dedicated account for the program and run it under that account,
either by making it setuid to that account,
or by using sudo -u,
or, if you start your daemon from a systemd unit file, by specifying user= and group= in the unit description file.
You can then edit the /etc/sudoers to allow that account to run ntpdate and only ntpdate as root without a password.
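One way to apply the advice above, as an added example that is not part of the original answer: the daemon runs under a dedicated account and calls ntpdate through sudo with a fixed argument vector, using fork/execve instead of system() so no shell is involved. The account name "ntpsync", the binary paths, the server name and the sudoers line in the comment are assumptions.

```cpp
#include <cctype>
#include <cstdio>
#include <string>
#include <vector>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

// Assumed sudoers drop-in (edit with: visudo -f /etc/sudoers.d/ntpsync):
//   ntpsync ALL=(root) NOPASSWD: /usr/sbin/ntpdate pool.ntp.org
// Listing the argument in the rule means sudo accepts only this exact command line.
static const char* const kSudo = "/usr/bin/sudo";        // assumed path
static const char* const kNtpdate = "/usr/sbin/ntpdate"; // assumed path

// Accept only plain host names, so a configured value can never be read as an option.
bool valid_server(const std::string& s) {
    if (s.empty() || s.size() > 253 || s[0] == '-' || s[0] == '.') return false;
    for (unsigned char c : s)
        if (!(std::isalnum(c) || c == '.' || c == '-')) return false;
    return true;
}

// Fixed argument vector: nothing from the received message reaches the command line.
// "-n" makes sudo fail instead of prompting when the sudoers rule is missing.
std::vector<std::string> ntpdate_argv(const std::string& server) {
    if (!valid_server(server)) return {};
    return {kSudo, "-n", kNtpdate, server};
}

// Run argv directly (no shell, minimal environment).
// Returns the child's exit status, 127 if exec failed, -1 on bad input or fork/wait errors.
int run_argv(const std::vector<std::string>& args) {
    if (args.empty()) return -1;
    std::vector<char*> argv;
    for (const auto& a : args) argv.push_back(const_cast<char*>(a.c_str()));
    argv.push_back(nullptr);
    char* const envp[] = {const_cast<char*>("PATH=/usr/sbin:/usr/bin:/sbin:/bin"), nullptr};
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { execve(argv[0], argv.data(), envp); _exit(127); }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

// Called from the daemon's message handler (the handler itself is not shown).
int sync_clock() { return run_argv(ntpdate_argv("pool.ntp.org")); }

int main() { std::printf("ntpdate exit status: %d\n", sync_clock()); return 0; }
```

If the daemon is started from a systemd unit, the matching directives are `User=ntpsync` and `Group=ntpsync` in the `[Service]` section.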
Related
I am running django server, using gunicorn. Apart from gunicorn, I have a layer of nginx as a load balancer and using supervisord to manage gunicorn.
From the perspective of security is it fine to run my gunicorn server with sudo permission? Is there any potential security leak?
Also, does it make any difference if I am a superuser and not running the process with sudo permission, as in any case I have sudo permissions as the user?
Does it need to run as root?
If it doesn't, don't run it as root.
Even better, add a separate user for the app and run it as that user.
I believe the answer to question "is it ok to run xxx with root permissions" should not be "If it doesn't, don't run it as root." but rather a clear "NO".
Every single server and framework is designed to be run without root rights.
What can go wrong? In case you have a vulnerability that allows remote code execution on the server, you would simply be giving root rights to whoever can exploit it. In case one of the developers on your team does something stupid like deleting the root directory, it will be deleted. You don't want a single app running on the server to disrupt your whole system, do you?
It is not a good practice to run any external network facing application with root user privilege.
Consider a scenario where your uploaded file is not validated or sanitized (a file upload vulnerability), and someone uploads some vulnerable file and executes it. Consider that file to have implemented a reverse shell. Then it gets easier to take down your server.
Nmap asks for admin privileges each time I restart my machine (which is logged into a work domain). How do I avoid Nmap asking for admin privileges each time I run a script? Is there any way to do that?
Nmap only asks for privileges in order to start the Npcap packet capture driver if it is not started already. Upgrade to the latest version of Npcap to avoid bugs, and during installation make sure that you leave the "Automatically start the Npcap driver at boot time" box checked.
Future releases of Npcap will always start at boot because of problems like this with on-demand start.
I have written an application using docker-toolbox and an Inno Setup script for installing the application on Windows 10.
I want to remove the docker-toolbox VM when I uninstall my program. However, the VM is not removed completely by the following Inno Setup script.
[Setup]
PrivilegesRequired=none
[UninstallRun]
Filename: "{cmd}"; Parameters: "/C ""docker-machine rm -y myDocker"""
The command "docker-machine rm -y myDocker" always works when run in my user cmd, but does not work in Inno Setup's UninstallRun.
I checked and found out that docker-toolbox is based on VirtualBox. VirtualBox uses a per-user environment. Becoming root (or any other user) does not give you access or more powers to the original user's VMs. ALWAYS perform VM operations as the user that actually created the VMs. Hence, I have to run the command as the original user in UninstallRun, but I cannot find a way to do so.
I am looking forward to any help and support; I have spent a lot of time on this problem.
Is there any way to use runasoriginaluser in uninstallrun in inno setup?
You should not modify a specific user profile from an (un)installer that runs with Administrator privileges (installs software for all users).
See Installing application for currently logged in user from Inno Setup installer running as Administrator.
runasoriginaluser flag is not supported in UninstallRun section. Probably because it won't be of any use there anyway. What the flag does in Run section is that it executes program with privileges with which the installer was originally executed. But uninstaller (for installer elevated to Administrator privileges) is executed with Administrator privileges straight away, when executed from Control Panel/Settings app.
I have a Jenkins server on OS X 10.7, which polls a subversion server, builds the code and packages the app. The last step that I need to complete is deploying the app on a remote host, which is a windows share. Note that my domain account has write access to the target folder and the volume is mounted. I've tried using a shell script build step:
sudo cp "path/to/app" "/Volumes/path/to/target"
However, I get a "no tty" response. I was able to run this command successfully in Terminal, but not as a build step in Jenkins.
Does this have something to do with the user being used when starting up Jenkins? As a side note, the default user.name is jenkins and my JENKINS_HOME resides in /Users/Shared/Jenkins. I would appreciate any help as to how to achieve this.
Your immediate problem seems to be that you are running Jenkins in the background and sudo wants to input a password. Run Jenkins in the foreground with $ java -jar jenkins.war.
However, this most probably won't solve your problem, as you'll be asked to enter a password when the command runs, from the terminal you started Jenkins from (presumably that's not what you want). You need to find a way to copy your files without needing root permissions. In general, it is not a good idea to rely on administrative permissions in your builds (there are exceptions, but your case is not one of them).
I've just stumbled upon Fabric and the documentation doesn't really make it obvious how it works.
My educated guess is that you need to install it on both client-side and server-side. The Python code is stored on the client side and transferred through Fabric's wire-protocol when the command is run. The server accepts connections using the OpenSSH SSH daemon through the ~/.ssh/authorized_keys file for the current user (or a special user, or specified in the host name to the fab command).
Is any of this correct? If not, how does it work?
From the docs:
Fabric is a Python (2.5 or higher) library and command-line tool for streamlining the use of SSH for application deployment or systems administration tasks.
It provides a basic suite of operations for executing local or remote shell commands (normally or via sudo) and uploading/downloading files, as well as auxiliary functionality such as prompting the running user for input, or aborting execution.
So it's just like ssh'ing into a box and running the commands you've put into run()/sudo().
There is no transfer of code, so you only need to have ssh running on the remote machine and have some sort of shell (bash is assumed by default).
If you want remote access to a python interpreter you're more looking at something like execnet.
If you want more information on how execution on the remote machine(s) work look to this section of the docs.
Most of what you are saying is correct, except that the "fabfile.py" file only has to be stored on your client. An SSH server like OpenSSH needs to be installed on your server and an SSH client needs to be installed on your client.
Fabric then logs into one or more servers in turn and executes the shell commands defined in "fabfile.py". If you are located in the same dir as "fabfile.py" you can go "fab --list" to see a list of available commands and then "fab [COMMAND_NAME]" to execute a command.
The user on the server does not need to be added to "~/.ssh/authorized_keys" but if it is you don't have to type the password every time you want to execute a command.