Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 22 Oct 2014, 00:58
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Unsorted
Unprivileged - run Programs as restricted user
Moderators: deshlab, Flash, GuestToo, Ian, JohnMurga, Lobster
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 1 of 1 Posts_count  
Author Message
MU


Joined: 24 Aug 2005
Posts: 13642
Location: Karlsruhe, Germany

PostPosted: Thu 10 Apr 2008, 09:38    Post_subject:  Unprivileged - run Programs as restricted user  

I tested this in Muppy 008.3 (Puppy 3) only.

Download (75 kb):
http://dotpups.de/puppy3/dotpups/System_Utilities/Unprivileged.pup
mirror:
http://puppyfiles.ca/dotpupsde/puppy3/dotpups/System_Utilities/Unprivileged.pup

This utility allows you to run a program with a click on an icon on your desktop.
The programs will be run as unprivileged user, like "Mark", not as "root".
You can create a new user very easily using a script I wrote.

IMPORTANT:
many programs use /tmp, which is write-protected for other users than root.
To change that, type:
chmod 777 /tmp


Here is the readme.txt:

unprivileged: run programs as unprivileged user with a click on the Rox-Desktop.


To create a new user with restricted permissions,
type this in a console:

createuser tester tester
(this creates the user tester for the group tester).

Now drag the script
/usr/local/Unprivileged/unprivileged
on your desktop.

Right-click it, and choose "edit entry".
Add as parameters the username and the comand to execute, like:
tester seamonkey

Now if you click on that icon, seamonkey is launched as unprivileged user "tester".
You can see the new settings-folder in /home/tester/.mozilla (a hidden folder).


------------------------------------------------------------------------
You will find some utilities to manage users and groups in
/usr/local/Unprivileged/bin/
To see the help, visit
http://noforum.de/man
You can read the man-pages for those comands there.

This package uses files from Tinylogin:
login
tinylogin
su
sulogin
http://distro.ibiblio.org/pub/linux/distributions/puppylinux/pet_packages-3/tinylogin-1.4.pet

And from shadow:
groupadd
groupdel
useradd
userdel
http://riksun.riken.go.jp/pub/pub/Linux/slackware/slackware-current/slackware/a/shadow-4.0.3-i486-11.tgz

And from the coreutils:
groups
id

To run these comands, enter this in a console:

export PATH=/usr/local/Unprivileged/bin:$PATH

Then the comand, like this to show all groups, that the user tester belongs to:
groups tester

To see all groups:
cat /etc/groups

To see all users:
cat /etc/shadow

------------------------------------
This post includes a utility, to run the whole X as user, not as root:
http://www.murga-linux.com/puppy/viewtopic.php?t=15839&start=60

Mark

_________________
my recommended links

Edited_time_total
Back to top
View user's profile Send_private_message Visit_website 
MU


Joined: 24 Aug 2005
Posts: 13642
Location: Karlsruhe, Germany

PostPosted: Thu 10 Apr 2008, 09:58    Post_subject:  

there was a small bug, corrected.
Also note, that /tmp must be writable for programs like seamonkey.
Updated first message.
Mark

_________________
my recommended links
Back to top
View user's profile Send_private_message Visit_website 
MU


Joined: 24 Aug 2005
Posts: 13642
Location: Karlsruhe, Germany

PostPosted: Thu 10 Apr 2008, 10:19    Post_subject:  

there was another bug setting the group, fixed now.
Mark

_________________
my recommended links
Back to top
View user's profile Send_private_message Visit_website 
koolie

Joined: 12 Mar 2007
Posts: 556

PostPosted: Mon 28 Apr 2008, 23:01    Post_subject:  

.
Truly excellent, Mark.

.
Back to top
View user's profile Send_private_message 
Irihapeti
Guest


PostPosted: Tue 29 Apr 2008, 07:41    Post_subject:  

I tried this with Seamonkey. It runs, but for some reason the menus at the top of the screen don't display, and neither do the little icons at the bottom left (email client, html editor etc). Naturally, I find this a bit frustrating. What could I do to get this to work?

I also tried with Firefox - that is, the standard tarball downloaded from Mozilla. I got an "access denied" message, even though I'd run chmod -R 777 /opt/firefox/firefox. Again, what could I be doing wrong here?

I'm running Puppy 2.17, if that makes any difference.
Back to top
koolie

Joined: 12 Mar 2007
Posts: 556

PostPosted: Tue 29 Apr 2008, 18:27    Post_subject:  

I am running 2.17.1.
Works fine for me using Firefox or Opera.
I dont use Seamonkey.

You dont need to chmod anything but /tmp.

Hope that helps.
Back to top
View user's profile Send_private_message 
Irihapeti
Guest


PostPosted: Tue 29 Apr 2008, 20:15    Post_subject:  

Actually the message is "cannot run /opt/firefox/firefox Permission denied." (My previous message was from memory.) I still can't figure out what's happening.

I'd prefer to run FF as a restricted user because I share the profile with another OS (on the same computer) and running as root causes the other OS to have difficulty accessing some of the files.
Back to top
koolie

Joined: 12 Mar 2007
Posts: 556

PostPosted: Tue 29 Apr 2008, 22:46    Post_subject:  

then make firefox executable by "others" or "all".

If you are nor familiar with commands, install XFE (the best filemanager) and all this stuff is easy.

cheers.
Back to top
View user's profile Send_private_message 
koolie

Joined: 12 Mar 2007
Posts: 556

PostPosted: Tue 29 Apr 2008, 22:50    Post_subject:  

I didnt mean to make a double post.
I got error msgs when posting.

But seeing that this one is here, I'll alter it.

XFE is here
http://dotpups.de/dotpups/File_Managers/Xfe-1.0.4.pup

and probably need FoxLibraries as well, from same site.

Firefox directory is usually under /usr/lib, for some odd reason.
(I know Mandriva and some others install it under /opt)
It may pay to move it there if you are having any hiccups.

It would probably be wiser to install Firefox locally (in tester),
and do your own thing, avoiding any conflicts with the other user or OS.
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 1 of 1 Posts_count  
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Unsorted
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0591s ][ Queries: 11 (0.0035s) ][ GZIP on ]