NAME

msudir - Convenient access to setuid scripts

SYNOPSIS

msudir directory/cmd [args]

DESCRIPTION

msudir allows enabled users to easily manage 'setuid' scripts and binaries. A directory containing scripts or other executables is created inside the basedir for each destination user. Any user is then able to invoke the script 'bob' in the directory 'jo' via 'msudir jo/bob'. The script will be run under the uid and primary gid of the destination user. (All other group memberships are revoked). If the destination user cannot read the current working directory it is set to '/'.

Configuration is specified in msudir.conf.

The basedir must be owned by root and not writable by any other user. Each directory inside the basedir and files inside must be owned by the destination user or root, and also not writable by any other user.

FILE FORMAT

The msudir.conf contains lines of the form 'key = value'. If a line contains a '#' the rest of that line is ignored. Options after a [tag] line will only apply to a directory named 'tag', and will override any global options. Valid directives are:

basedir
Base directory containing user directories and commands. Default: /usr/local/msudir.

dirmatchuser
Directory names must match user names. Default: true.

fromgroup
If set the source process must be running under this real or effective group id, or have it in its current group access list. Default: unset.

path
PATH setting for all commands. Default: (spaces introduced for legibility) /usr/local/bin: /usr/local/sbin: /usr/pkg/bin: /usr/pkg/sbin: /usr/bin: /usr/sbin: /bin: /sbin: /usr/games: /usr/X11R6/bin

rootdir
If a directory is to contain setuid root scripts, the directory name must match rootdir. Default: no match

scriptsonly
Only permit files that start with '#!'. Default: false.

Boolean variables (those that default to 'true' or 'false') can be set to any of 'false', 'off', 'no', '0', or 'true', 'on', 'yes' and '1'.

FILES

${PREFIX}/etc/msudir.conf

ENVIRONMENT

msudir alters the following environment variables:

IFS
Unset

OLD_USER
Set to the previous value of USER.

PATH
Set to the value in msudir.conf (or default).

USER
Set to the username of the destination user.

msudir also sanitises all environment variables and arguments replacing everything except alphanumeric and "#%'+,-./:=@_ with spaces, and removes LD_PRELOAD and similar variables.

EXAMPLES

Sample msudir.conf file:
# common defines
dirmatchuser = 1
basedir=/usr/local/msudir
     

# special options for one directory [flinge] dirmatchuser = 0 fromgroup = flenge path=/bin:/usr/bin:/sbin:/usr/sbin

AUTHORS

David Brownlee .

CAVEATS

While msudir does attempt to sanitise the environment and arguments passed it does not remove the need to write scripts that treat their input carefully.