NAME
msudir - Convenient access to setuid scripts
SYNOPSIS
msudir directory/cmd [args]
DESCRIPTION
msudir allows enabled users to easily manage 'setuid' scripts and binaries. A directory containing scripts or other executables is created inside the basedir for each destination user. Any user is then able to invoke the script 'bob' in the directory 'jo' via 'msudir jo/bob'. The script will be run under the uid and primary gid of the destination user. (All other group memberships are revoked). If the destination user cannot read the current working directory it is set to '/'.
Configuration is specified in msudir.conf.
The basedir must be owned by root and not writable by any other user. Each directory inside the basedir and files inside must be owned by the destination user or root, and also not writable by any other user.
FILE FORMAT
The msudir.conf contains lines of the form 'key = value'. If a line contains a '#' the rest of that line is ignored. Options after a [tag] line will only apply to a directory named 'tag', and will override any global options.
Valid directives are:
- basedir - Base directory containing user directories and commands. Default: /usr/local/msudir.
- dirmatchuser - Directory names must match user names. Default: true.
- fromgroup - If set the source process must be running under this real or effective group id, or have it in its current group access list. Default: unset.
- path - PATH setting for all commands. Default: (spaces introduced for legibility) /usr/local/bin: /usr/local/sbin: /usr/pkg/bin: /usr/pkg/sbin: /usr/bin: /usr/sbin: /bin: /sbin: /usr/games: /usr/X11R6/bin
- rootdir - If a directory is to contain setuid root scripts, the directory name must match rootdir. Default: no match
- scriptsonly - Only permit files that start with '#!'. Default: false.
Boolean variables (those that default to 'true' or 'false') can be set to any of 'false', 'off', 'no', '0', or 'true', 'on', 'yes' and '1'.
FILES
${PREFIX}/etc/msudir.conf
ENVIRONMENT
msudir alters the following environment variables:
IFS - Unset
OLD_USER - Set to the previous value of USER.
PATH - Set to the value in msudir.conf (or default).
USER - Set to the username of the destination user.
msudir also sanitises all environment variables and arguments replacing everything except alphanumeric and "#%'+,-./:=@_ with spaces, and removes LD_PRELOAD and similar variables.
EXAMPLES
Sample msudir.conf file:
# common defines
dirmatchuser = 1
basedir=/usr/local/msudir
# special options for one directory
[flinge]
dirmatchuser = 0
fromgroup = flenge
path=/bin:/usr/bin:/sbin:/usr/sbin
AUTHORS
David Brownlee.
CAVEATS
While msudir does attempt to sanitise the environment and arguments passed, it does not remove the need to write scripts that treat their input carefully.
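The filtering rule from ENVIRONMENT, written out in C as an added example (not msudir's own source), shows why the caveat above holds: path and option characters are in the allowed set, so '../other/file' and '--force' pass through unchanged. Assumptions: the double quote printed before the character list is part of the set, 'similar variables' means names starting with LD_, and sanitise and scrub_env are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

/* Allowed punctuation as printed on the page. Assumption: the leading
 * double quote is part of the set rather than an opening quote mark. */
static const char SAFE_PUNCT[] = "\"#%'+,-./:=@_";

/* ASCII-only test, so the result never depends on the caller's locale. */
static int is_safe(unsigned char c)
{
    return (c >= '0' && c <= '9') || (c >= 'A' && c <= 'Z') ||
           (c >= 'a' && c <= 'z') || (c != '\0' && strchr(SAFE_PUNCT, c) != NULL);
}

/* Hypothetical helper: blank out disallowed bytes in place, return how many. */
size_t sanitise(char *s)
{
    size_t changed = 0;
    for (; *s != '\0'; s++) {
        if (*s != ' ' && !is_safe((unsigned char)*s)) {
            *s = ' ';
            changed++;
        }
    }
    return changed;
}

/* Hypothetical helper: drop LD_* entries, sanitise the rest, compact envp in
 * place and return the number kept. The "LD_" prefix match is an assumption. */
size_t scrub_env(char **envp)
{
    size_t kept = 0;
    for (size_t i = 0; envp[i] != NULL; i++) {
        if (strncmp(envp[i], "LD_", 3) == 0)
            continue;
        sanitise(envp[i]);
        envp[kept++] = envp[i];
    }
    envp[kept] = NULL;
    return kept;
}

int main(void)
{
    /* Constructed sample arguments: only the first one is altered. */
    char a1[] = "report.txt;echo hi", a2[] = "../other/file", a3[] = "--force";
    size_t n = sanitise(a1) + sanitise(a2) + sanitise(a3);
    printf("%zu replaced: [%s] [%s] [%s]\n", n, a1, a2, a3);
    return 0;
}
```

A script run through msudir therefore still has to validate paths and reject unexpected options itself.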