NFS root manipulation without being superuser?
William A. Gatliff
bgat at billgatliff.com
Sat Nov 16 08:51:38 EST 2002
Jerry:
On Fri, Nov 15, 2002 at 03:16:16PM -0500, Jerry Van Baren wrote:
>
> How about this thought... on your development system, make a group "xroot"
> (export root, or maybe name it "grub" to make a bad pun)
How about "tuber"? :^)
> and chown your NFS files currently owned by "root" to "xroot". You
> can add yourself into the "xroot" group and make sure all the NFS
> exported root file system have group r/w privileges. Now you can
> play with the files to your heart's content because you are part of
> the group that has write permissions. When you are happy with your
> NFS exported root file system, change the group ownership of "xroot"
> back to "root". With a little thought and a lot of care ;-), you
> should be able to write a script that does the group change back &
> forth.
Maybe just this:
# cd <nfs-root-dir> && find . -name "*" | xargs chown xroot:xroot
What about the files that the client creates or modifies,
i.e. resolv.conf in a DHCP setting? I think those files will still
get created with root ownership. It's almost as if NFS needs
translate the UID of the files both inbound and outbound.
Other than that, your suggestion looks great.
b.g.
--
Bill Gatliff
Do you do embedded GNU? I do!
See http://billgatliff.com for details.
** Sent via the linuxppc-embedded mail list. See http://lists.linuxppc.org/
More information about the Linuxppc-embedded
mailing list