Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Tue 02 Sep 2014, 13:09
All times are UTC - 4
 Forum index » Advanced Topics » Cutting edge
Script to run everything as 'spot'
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [8 Posts]  
Author Message
jamesbond

Joined: 26 Feb 2007
Posts: 2134
Location: The Blue Marble

PostPosted: Sun 02 Jun 2013, 13:14    Post subject:  Script to run everything as 'spot'  

Puppy introduced the concept of "run-as-spot", whereby an application run as the user 'spot' despite the fact that the logged-in user is 'root', long time ago. It was / is used to run 'didiwiki', a personal webserver providing wiki functions, as the user 'spot' to reduce the impact of someone breaking into the webserver. There was a blog post from mid 2008 that talked about it, but by that time it was already quite established that didiwiki always run as spot; the first implementation must be much earlier than that - could be 2006 or 2007.

For a very long time until now, didiwiki was the only application that run as spot. Fatdog elaborated on the concept and use the idea to run most network programs as spot - most prominently is the browser.

A few days ago Barry decided to expand the model too and adopt Fatdog's approach to run more programs as spot, first of all is seamonkey (a web browser), see this blog post.

I'm attaching a script that allows *any* program (proper ones!) to run as spot. This is the same script that is currently used in Fatdog, except that Fatdog uses "dash" shell instead of "sh" to reduce memory footprint.

How to use:
1. Gunzip, then chmod +x the script.
2. Copy it to /usr/bin
3. Prefix any app you want to run with "run-as-spot".

It has been tested on:
- firefox, seamonkey, thunderbird, pidgin, geany, libreoffice, chromium, and a few others I can't remember.

Enjoy. Feedback and contributions welcome.
run-as-spot.gz
Description  gunzip then chmod +x then copy to /usr/bin
gz

 Download 
Filename  run-as-spot.gz 
Filesize  398 Bytes 
Downloaded  363 Time(s) 

_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread
Back to top
View user's profile Send private message 
Ted Dog


Joined: 13 Sep 2005
Posts: 2316
Location: Heart of Texas

PostPosted: Mon 03 Jun 2013, 17:15    Post subject:  

Nice a central script for run as spot... Could you add a control flag to run as root. I generally edit seamonkey-spot to seamonkey-bin to get around the issues of download corruptions and upload errors when ever I edit stuff as root and need to do something with the files upload/download using seamonkey to my webserver.
However if we could run all apps as spot it should reduce those types of issues.
Could you give us a taste of the script in the next release of FatDog64?
Back to top
View user's profile Send private message 
Karl Godt


Joined: 20 Jun 2010
Posts: 3964
Location: Kiel,Germany

PostPosted: Mon 03 Jun 2013, 18:37    Post subject:  

Have probably few usages for such for local games servers .
These tend in newer versions to check for root and abort .
Was modifying the source then ie

Code:
#ifndef WIN32
    /* Here we check that we aren't root or suid */
    if (getuid() == 0 || geteuid() == 0) {
        fputs("Don't run crossfire as root, it is unsupported.\n", stderr);
        fputs("Instead run it as a normal unprivileged user.\n", stderr);
       // fputs("Aborting...\n", stderr);
       // return 1;
          return 0;   
}
#endif


For the Xauthority env var I have no experience with but I would write it like
Code:
if [ "$(id -u)" = 0 ] ; then
    [ -f "$Xauthority" -a ! -f /root/spot/.Xauthority ] &&
    {
    cp "$Xauthority" /root/spot/.Xauthority;
    chown spot:spot /root/spot/.Xauthority;
    }
   export XAUTHORITY=/root/spot/.Xauthority

or
Code:
if [ "$(id -u)" = 0 ] ; then
    [ -f "$Xauthority" ] && {
    cp -a --remove-destination "$Xauthority" /root/spot/.Xauthority;
    chown spot:spot /root/spot/.Xauthority;     }
    export XAUTHORITY=/root/spot/.Xauthority


>/dev/null is only needed if the / rootfs is ro , which should not be Laughing

_________________
«Give me GUI or Death» -- I give you [[Xx]term[inal]] [[Cc]on[s][ole]] .
Macpup user since 2010 on full installations.
People who want problems with Puppy boot frugal Razz
Back to top
View user's profile Send private message Visit poster's website 
sc0ttman


Joined: 16 Sep 2009
Posts: 2376
Location: UK

PostPosted: Mon 03 Jun 2013, 19:00    Post subject:  

I've looked at your script james, and I've no idea what half of it does (other than the obv).. What's all the Xauthority stuff? Can I get an 'in english for dummies' explanation?

Not trying to plug anything as such, trying to share something that may be useful, if fatdog uses spot like akita...

Akita has had a "Run as Spot" menu item in its main menu since around the time fido was first developed - cos fido stuff was too hard, so I ended up adding spot as a real user, correcting /dev permissions etc, adding the popup user login thing, etc (repeating half of pizzagoods barrys work to get there) - long story short, having done that, akita can run firefox, vlc etc as spot, with the cmd `run_as_spot $1` (sound works, etc)

The script run_as_spot basically contains
Code:
su -s /bin/bash spot -c "$@"


If this is how you did it, then the full script might be of use, it includes a gtkdialog GUI for choosing from the apps in /usr/share/applications ..

Code:
#!/bin/sh
# run the given commands as the restricted user 'spot'
[ "$(which gtkdialog4)" = "" ] && GTKDIALOG="gtkdialog4" || GTKDIALOG="gtkdialog"
VERSION=0.4 # set version
TERMINAL=mrxvt # choose preferred terminal
[ "`whoami`" = "spot" ] && pupdialog --title "Run as spot" --msgbox "You are already running as spot" 0 0 && exit 1
if [ ! "${1}" ];then # if no options given, we will run GUI
  COMBO_LIST="" EXEC_LIST="" # reset vars
  for DESKTOP_FILE in /usr/share/applications/* # for each .desktop file, get the name and command
  do
    [ "$DESKTOP_FILE" = "" ] && continue
    NAME="" EXEC=""
    # read each line of the current .desktop file, get its Name and Exec details
    while read LINE
    do
      [ "$LINE" = "" ] && continue
      case ${LINE} in
        Name=*) NAME="${LINE#*=}"'' ;;
        Exec=*) EXEC="${LINE#*=}"'' ;;
        *) ;;
      esac
    done < "${DESKTOP_FILE}" # end while read line
    # build the list of programs, 2 lists, 1 for this script, 1 for gtkdialog <combobox>
    [ "$COMBO_LIST" = "" ] && COMBO_LIST="<item>${NAME}</item>" || COMBO_LIST="${COMBO_LIST}
<item>${NAME}</item>" # build the list to go into combobox in GUI
    [ "$EXEC_LIST" = "" ] && EXEC_LIST="${NAME}@$EXEC" || EXEC_LIST="${EXEC_LIST}
${NAME}@$EXEC" # build a list which also contains the commands
  done # end for each .desktop file
  COMBO_LIST="$(echo "$COMBO_LIST" | sort)" # sort it alphabetically
  # create the GUI
  RUNASspotGUI="<window title=\"Run as spot $VERSION\">
  <frame>
    <vbox>
      <text><label>Run a program as spot, the restricted user</label></text>
    </vbox>
    <vbox>
      <hbox>
                <checkbox tooltip-text=\"Tick here to run the program in a console window, to see the programs output or errors\">
                        <label>Run in Terminal</label>
                        <variable>RUN_IN_TERM</variable>
                        <default>false</default>
                </checkbox>
      </hbox>
      <combobox>
      <variable>PROGS</variable>
        "$COMBO_LIST"
      </combobox>
    </vbox>
    <hbox>
    <button ok>
    </button>
    <button cancel></button>
    <button help>
    <action>Xdialog --title \"Run as spot $VERSION\" --msgbox \"'Spot' is a user with restricted privileges.\n\n \
The home folder for spot is /root/spot - the only folder where spot has full control.\n\n \
Unlike 'root' the super (admin) user, spot can't modify system files, in /bin, /usr/sbin, etc.\n \
Any programs run by 'spot' have the same restricted privileges, and can't modify the system. \n\n \
It is therefore considered more secure to run programs like browsers, etc, as 'spot'. \n \
If running programs as spot, all files must be saved, edited, etc, in /root/spot.\n\n \
This tool simply runs the chosen program as 'spot', with restricted privileges.\n \
Tick 'Run in terminal' to see any program output, errors and messages in a console.\n\n \
Some programs need admin (root) privileges and won't work running as spot.\n \
This generally includes programs that install, remove or modify system files and settings.\n \" 0 0 &</action>
    </button>
    </hbox>
  </frame>
</window>"
  export RUNASspotGUI
  # get variables from GUI, if not cancelled, check values, and execute the appropriate command as 'spot'
  RETVAL="`$GTKDIALOG -c -p RUNASspotGUI`"
  EXIT=`echo "$RETVAL" | grep EXIT= | cut -f2 -d'=' | tr -d '"' `
  if [ "$EXIT" = "OK" ];then
    TERM=`echo "$RETVAL" | grep TERM= | cut -f2 -d'=' | tr -d '"' `
    PROG=`echo "$RETVAL" | grep PROGS= | cut -f2 -d'=' | tr -d '"' `
    EXEC="`echo "$EXEC_LIST" | grep -m1 "$PROG" | cut -f2 -d'@'`"
    [ "$TERM" = true ] && $TERMINAL -e su -s /bin/bash spot -c "$EXEC" || su -s /bin/bash spot -c "$EXEC"
  else  # user clicked cancel
    exit 1
  fi
else # command line options were given, so just run the command, no GUI
  su -s /bin/bash spot -c "$@"
fi
exit 0
spot.png
 Description   
 Filesize   117.01 KB
 Viewed   937 Time(s)

spot.png


_________________
Akita Linux, VLC-GTK, Pup Search, Pup File Search
Back to top
View user's profile Send private message 
Q5sys


Joined: 11 Dec 2008
Posts: 1048

PostPosted: Mon 03 Jun 2013, 20:56    Post subject:  

awesome work!
_________________



My PC is for sale
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Tue 04 Jun 2013, 06:29    Post subject:  

From a users point of view what would be different?
I mean how would I notice that I am now spot instead of root?

I think of saving a picture to the sda1 HD from Firefox?
Would it ask fir password each time? Would it refuse to save it
and only allow it to save to Spot directory and if I want to move it
from there to HD would it have permissions set to only be viewed
in Spot?

How does it behave from the user perspective?

Edit thanks to Scottman below for that detailed explantion. would not the downloaded things still end up in Spot and not allowed to be moved
why else use spot if it does not protect? I am a noony obviously Smile

_________________
I use Google Search on Puppy Forum
not an ideal solution though

Last edited by nooby on Tue 04 Jun 2013, 15:41; edited 1 time in total
Back to top
View user's profile Send private message 
sc0ttman


Joined: 16 Sep 2009
Posts: 2376
Location: UK

PostPosted: Tue 04 Jun 2013, 07:36    Post subject:  

nooby, you can set different GTK themes for different users, so the programs they use will look different... The easy way to do this is to make sure you dont have the files /root/spot/.gtkrc and /root/spot/.gtkrc.mine ... If you dont have the same GTK theme settings (gtkrc etc) in both /root and /root/spot then the programs will look different depending on if run as root or not.. If run as root programs will look 'normal', if not, they will have different (probably uglier) theme settings.. Hope that's clear.

EDIT: I attached a screenshot, so you can see.. The 1st is run as root, the second is run as spot (using `run_as_spot vlc-gtk` in akita)
vlc-root.png
 Description   
 Filesize   36.52 KB
 Viewed   894 Time(s)

vlc-root.png

vlc-spot.png
 Description   
 Filesize   32 KB
 Viewed   866 Time(s)

vlc-spot.png


_________________
Akita Linux, VLC-GTK, Pup Search, Pup File Search
Back to top
View user's profile Send private message 
jamesbond

Joined: 26 Feb 2007
Posts: 2134
Location: The Blue Marble

PostPosted: Tue 04 Jun 2013, 09:10    Post subject:  

Ted Dog wrote:
Nice a central script for run as spot... Could you add a control flag to run as root. I generally edit seamonkey-spot to seamonkey-bin to get around the issues of download corruptions and upload errors when ever I edit stuff as root and need to do something with the files upload/download using seamonkey to my webserver.

Instead of using "seamonkey-spot" just use "seamonkey" and it will run as whatever logged in user you are in.
Same for firefox - just use "firefox" instead of "firefox-spot", etc.

Quote:
However if we could run all apps as spot it should reduce those types of issues.
Could you give us a taste of the script in the next release of FatDog64?

Yes you already can. Go to Control Panel --> System --> User manager and create a new user (don't forget to set the password too). After you create a new user you can launch a second desktop too. Switch between desktops by pressing Ctrl-Alt-Fxxx (the first desktop is F4, second is F5, third is F6, etc).

While there, you can also choose whether you want to automatically logged in as "root" or as any other user. If you don't like autologin (as root or as any other user), go to Control Panel --> System --> Login manager to choose how to to login to the system, you have 3 choices: autologin, console login, or graphical login.

It's all in the login FAQ Smile

sc0ttman wrote:
I've looked at your script james, and I've no idea what half of it does (other than the obv).. What's all the Xauthority stuff? Can I get an 'in english for dummies' explanation?

Xauthority is the (old) security model of X server to prevent anyone who happens to know your IP address to connect to your Xorg and display
an annoying popup ad banner message Smile But relax this won't happen in Fatdog or Puppy because in both, X server is configured *not* to listen to any IP address.

It is there because when running Fatdog with the slim graphical login manager, slim creates an X authority file, and if that file isn't made available to spot, spot will not be able to display anything on screen. On regular sessions (ie console login / autologin), Xauthority isn't used.

Quote:
Akita has had a "Run as Spot" menu item in its main menu since around the time fido was first developed - cos fido stuff was too hard, so I ended up adding spot as a real user, correcting /dev permissions etc, adding the popup user login thing, etc (repeating half of pizzagoods barrys work to get there) - long story short, having done that, akita can run firefox, vlc etc as spot, with the cmd `run_as_spot $1` (sound works, etc)

The script run_as_spot basically contains
Code:
su -s /bin/bash spot -c "$@"

Fatdog's run-as-spot script used to be a one-liner like that, but there are a few others things that need to be set properly, otherwise certain apps will not run.
What it does:
1. Copy Xauthority as explained above.
2. Set $XDG_* environment variables needed by many freedesktop-compliant programs such as geany, libreoffice, chromium, etc.
3. Make sure after switching to spot we stays in the current directory (if current directory is readable by spot)
4. Make sure if the app requires arguments that has space in it, that space is preserved and passed correctly after switching to spot.

_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [8 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Cutting edge
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1051s ][ Queries: 13 (0.0060s) ][ GZIP on ]