(old)Puppy Linux Discussion Forum

Here's something I just wrote.

It's a simple launcher for Google Chrome that tricks it into thinking you're not root, so it lets you run it even if you're root.

In order to use it, install the package and use "puppy-chrome" instead of "google-chrome" in order to run Chrome.

There are two reasons why I wrote it:
1) Freedom! It's MY computer and I'll do whatever I want, no matter if Google doesn't want me to.
3) If we want to build PET packages out of Google's official binary package (which has the updater), we can do this without having to patch the Chrome binary or edit any files (using conventional tools like sed).

How it Works

It's simple, very simple. I executed Google Chrome with strace (a tool which lists calls to system calls) to find out which system calls it uses to find out who's the user who executed it.

I assumed the name of the function it uses starts with "get": Here's the output, which doesn't mean much:

-nan 0.000000 0 1 getpid
-nan 0.000000 0 1 getppid
-nan 0.000000 0 1 getpgrp
-nan 0.000000 0 38 gettimeofday
-nan 0.000000 0 2 getdents
-nan 0.000000 0 1 sched_getparam
-nan 0.000000 0 1 sched_getscheduler
-nan 0.000000 0 2 sched_get_priority_max
-nan 0.000000 0 1 sched_get_priority_min
-nan 0.000000 0 4 getrlimit
-nan 0.000000 0 7 getuid32
-nan 0.000000 0 5 getgid32
-nan 0.000000 0 6 geteuid32
-nan 0.000000 0 5 getegid32
-nan 0.000000 0 1 getresuid32
-nan 0.000000 0 1 getresgid32
-nan 0.000000 0 14 getdents64
-nan 0.000000 0 1 gettid
-nan 0.000000 0 1 clock_gettime
-nan 0.000000 0 1 clock_getres
-nan 0.000000 0 1 getpeername
-nan 0.000000 0 1 shmget

I decided to dive into the source code and found something interesting: this, the wonderful moment when the code that checks whether you're root was added to Chromium.

These two lines tell us everything we need to know: They say Google Chrome runs a function called DetectRunningAsRoot in order to detect whether it's running as root and that function uses geteuid for that.

I wrote a simple library that implements a fake geteuid that never returns 0 (which is, root's user ID, always). That's how Chrome detects whether it's root, of course.

Here's the library code:
To build it, use this: This library needs to get loaded into Google Chrome, so it overrides the legitimate geteuid and therefore tricks Google Chrome. That's where LD_PRELOAD aids us.

The LD_PRELOAD environmental variable contains a list of libraries that are loaded into any process executed; in this case, we force Google Chrome to run with our evil library loaded it to it, which overrides the C library's geteuid().

And if you wondered, that's what puppy-chrome does, of course: A very simple approach can be used against any application that hates root - I was able to get rid of the warning message in the vanilla ROX-Filer this way, too. I just had to override getgid instead of geteuid.

@iguleder

Good detective work! I'm going to try it right now.

Thanks

Tronkel

Forgot to mention, I used it against the 32-bit DEB from here.

@iguleder

Yes, works fine. Just tested it in Puppy 529 3-Headed-Dog

Google-Chrome will not start in the latest Wary 5.2 because of the different version of libc. Maybe Barry would take a look at this.

Could you please modify the pet for puppy-chrome to include a *desktop file sometime?

Thanks

Tronkel

I think I could extend this a bit and make it a bit smarter, by writing an executable which writes a copy of this library to /tmp, executes a given command line and deletes it.

I think we could use it for stubborn applications that don't like being executed as root.

This could be sort of a de-sudo

@iguleder

Who would have imagined that Puppy Linux would ever have needed something like a reverse sudo command. However, it only takes one major player with a popular app such as Google Chrome to warrant such a thing.

Your idea of an executable to call an executable using this library is interesting, even though not many Linux executables work like this - well, not yet anyway. A good thing to have available in Puppy - just in case it's ever needed.

So, presumably this executable would be supplied with a command-line argument i.e. the name of the program to be run. This argument would then get passed to your program, let it do its stuff in /tmp and then disappear. Good.

Best regards

Tronkel

Ideas are the root of creation.
Ernest Dimnet

just tested it with the VLC portable from http://sourceforge.net/projects/portable/files/ something that wouldn't usually work if you are root, and it worked a treat!..... nice one Iguleder!!!!

Not sure how to implement this, but you could have something like the 'set icon' dialogue. where you start your 'antirootcheck' program, then drag and drop the offending and demanding binary onto it. And it creates a .desktop file and script for /usr/bin/ to start the obnoxious program!

happy time

Wow, great idea!

I remember made a Skype PET that automatically adds a desktop icon - maybe we could take that code from there and make that icon run this thing with a parameter which contains a command line.

I'll think about it, maybe I'll even write this nice thing this weekend

I downloaded Google Chrome and operate it with your pet. Sometime it functions and then sometimes I get this message:

Your profile could not be open properly.
Some features may be unavailable. Please check that the profile exits and you have permission to read and write.

In attempt to recitify this I click Google preferences, and personal and sign it and accept its access.

sometime this works sometime I can't reach the Preferences page nor the tools page.

I am about ready to give up. The reason I prefer the original Google Chrome is because it allows me to read the Amazon boobks that I have in the clould at
read.amazon.com

any suggestions or what I may be doing wrong? Thanks.

It's kinda weird that it works only sometimes. Are you sure you're running only one copy? Maybe it locks the configuration or some cache files.

yep I am only using one copy. Is there a debug section in Google Chrome that I could email to you to help disagnose the behaviour or past it here if it not too long?

Ive since seen somebody-s chrome for linux...

so... this post inaccurate

see above

ditto

I am running Lucid 5.2.8 on a Motion M1300 tablet. My wife wanted to be able to read Kindle books using their Cloud Reader in Chrome, but I couldn't make it work with a new Chrome install. It was driving me nuts.

(Needed a new install because the .pet for Chrome does not support offline reading)

Installed Chrome 25.0.1364172 (google-chrome-stable_current_i386.deb)
Installed puppy-gc-001.pet

Made relative symlink from /opt/google/chrome of "product_logo_48.png" to /usr/share/pixmaps

Made a script to put in /usr/bin called "chrome_noroot" that has:
Made a .desktop file in /usr/share/applications called google-chrome.desktop that invokes the script in its "Exec=" line, and also assigned the product_logo_48.png file as its icon.

Also dragged this .desktop to the Desktop and assigned it the same icon.

Now, I can launch Chrome from the menu or from the desktop icon, and it will run the preload, then chrome. It takes a little time to load up, but afterwards is appears to run without problems.

Thank you so much for this contribution. I was at the end of my rope.

Command not found

Psfal- I thought you said you'd try Fatdog?

Neat. This could do with a wiki page listing offending applications that it works with (and any super offensive ones that it doesn't, if there are any)

I was able to get rid of the warning message in the vanilla ROX-Filer this way, too. I just had to override getgid instead of geteuid.

It looks (i.e. I tested that the programs start, but did not test all the features) like if you just override getuid() then you can use this to start bibledit as root, and to remove the warning message in the stock xsane.

I tried creating a single lib that overrides all three functions, and in the process demonstrated that there can be adverse effects: if geteuid is overridden then bibledit-gtk freezes on startup.