Puppy Linux Discussion Forum (puppylinux.com)
 
Script to run everything as 'spot'
jamesbond

Joined: 26 Feb 2007
Posts: 2352
Location: The Blue Marble

PostPosted: Sun 02 Jun 2013, 13:14    Post subject:  Script to run everything as 'spot'  

Puppy introduced the concept of "run-as-spot", whereby an application runs as the user 'spot' despite the fact that the logged-in user is 'root', a long time ago. It was / is used to run 'didiwiki', a personal webserver providing wiki functions, as the user 'spot' to reduce the impact of someone breaking into the webserver. There was a blog post from mid 2008 that talked about it, but by that time it was already quite established that didiwiki always ran as spot; the first implementation must be much earlier than that - could be 2006 or 2007.

For a very long time until now, didiwiki was the only application that ran as spot. Fatdog elaborated on the concept and used the idea to run most network programs as spot, most prominently the browser.

A few days ago Barry decided to expand the model too and adopt Fatdog's approach to run more programs as spot, first of all seamonkey (a web browser), see this blog post.

I'm attaching a script that allows *any* program (proper ones!) to run as spot. This is the same script that is currently used in Fatdog, except that Fatdog uses "dash" shell instead of "sh" to reduce memory footprint.

How to use:
1. Gunzip, then chmod +x the script.
2. Copy it to /usr/bin
3. Prefix any app you want to run with "run-as-spot".

It has been tested on:
- firefox, seamonkey, thunderbird, pidgin, geany, libreoffice, chromium, and a few others I can't remember.

Enjoy. Feedback and contributions welcome.
Attachment: run-as-spot.gz (398 bytes; gunzip then chmod +x then copy to /usr/bin)

_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread
Ted Dog


Joined: 13 Sep 2005
Posts: 3056
Location: Heart of Texas

PostPosted: Mon 03 Jun 2013, 17:15    Post subject:  

Nice, a central script for run-as-spot... Could you add a control flag to run as root? I generally edit seamonkey-spot to seamonkey-bin to get around the issues of download corruptions and upload errors whenever I edit stuff as root and need to do something with the files, uploading/downloading using seamonkey to my webserver.
However if we could run all apps as spot it should reduce those types of issues.
Could you give us a taste of the script in the next release of FatDog64?
Karl Godt


Joined: 20 Jun 2010
Posts: 4009
Location: Kiel,Germany

PostPosted: Mon 03 Jun 2013, 18:37    Post subject:  

I probably have few uses for such, for local game servers.
These tend in newer versions to check for root and abort.
I was modifying the source then, i.e.

Code:
#ifndef WIN32
    /* Here we check that we aren't root or suid */
    if (getuid() == 0 || geteuid() == 0) {
        fputs("Don't run crossfire as root, it is unsupported.\n", stderr);
        fputs("Instead run it as a normal unprivileged user.\n", stderr);
        // original code aborted here:
        // fputs("Aborting...\n", stderr);
        // return 1;
        return 0;   // patched: return 0 instead of 1
    }
#endif


I have no experience with the Xauthority env var, but I would write it like
Code:
if [ "$(id -u)" = 0 ] ; then
    # XAUTHORITY (upper case) is the variable X clients actually read
    [ -f "$XAUTHORITY" -a ! -f /root/spot/.Xauthority ] &&
    {
        cp "$XAUTHORITY" /root/spot/.Xauthority
        chown spot:spot /root/spot/.Xauthority
    }
    export XAUTHORITY=/root/spot/.Xauthority
fi

or
Code:
if [ "$(id -u)" = 0 ] ; then
    [ -f "$XAUTHORITY" ] && {
        cp -a --remove-destination "$XAUTHORITY" /root/spot/.Xauthority
        chown spot:spot /root/spot/.Xauthority
    }
    export XAUTHORITY=/root/spot/.Xauthority
fi


>/dev/null is only needed if the / rootfs is ro, which it should not be.

_________________
«Give me GUI or Death» -- I give you [[Xx]term[inal]] [[Cc]on[s][ole]] .
Macpup user since 2010 on full installations.
People who want problems with Puppy boot frugal Razz
sc0ttman


Joined: 16 Sep 2009
Posts: 2393
Location: UK

PostPosted: Mon 03 Jun 2013, 19:00    Post subject:  

I've looked at your script james, and I've no idea what half of it does (other than the obvious)... What's all the Xauthority stuff? Can I get an 'in English for dummies' explanation?

Not trying to plug anything as such, trying to share something that may be useful, if fatdog uses spot like akita...

Akita has had a "Run as Spot" menu item in its main menu since around the time fido was first developed - cos fido stuff was too hard, so I ended up adding spot as a real user, correcting /dev permissions etc, adding the popup user login thing, etc (repeating half of pizzagood's and Barry's work to get there) - long story short, having done that, akita can run firefox, vlc etc as spot, with the cmd `run_as_spot $1` (sound works, etc)

The script run_as_spot basically contains
Code:
su -s /bin/bash spot -c "$@"


If this is how you did it, then the full script might be of use; it includes a gtkdialog GUI for choosing from the apps in /usr/share/applications ..

Code:
#!/bin/sh
# run the given commands as the restricted user 'spot'
# use gtkdialog4 when it is installed, otherwise plain gtkdialog (the original test was inverted)
if command -v gtkdialog4 >/dev/null 2>&1; then GTKDIALOG="gtkdialog4"; else GTKDIALOG="gtkdialog"; fi
VERSION=0.4 # set version
TERMINAL=mrxvt # choose preferred terminal
[ "`whoami`" = "spot" ] && pupdialog --title "Run as spot" --msgbox "You are already running as spot" 0 0 && exit 1
if [ ! "${1}" ];then # if no options given, we will run GUI
  COMBO_LIST="" EXEC_LIST="" # reset vars
  for DESKTOP_FILE in /usr/share/applications/*.desktop # for each .desktop file, get the name and command
  do
    [ -f "$DESKTOP_FILE" ] || continue
    NAME="" EXEC=""
    # read each line of the current .desktop file, get its Name and Exec details
    # (the first Name= and Exec= win, so entries in later [Desktop Action] sections are ignored)
    while read LINE
    do
      [ "$LINE" = "" ] && continue
      case ${LINE} in
        Name=*) [ "$NAME" = "" ] && NAME="${LINE#*=}" ;;
        Exec=*) [ "$EXEC" = "" ] && EXEC="${LINE#*=}" ;;
        *) ;;
      esac
    done < "${DESKTOP_FILE}" # end while read line
    [ "$NAME" = "" -o "$EXEC" = "" ] && continue # nothing usable in this file
    EXEC="$(echo "$EXEC" | sed 's/ *%[a-zA-Z]//g')" # drop %U, %f etc: the GUI passes no files
    # build the list of programs, 2 lists, 1 for this script, 1 for gtkdialog <combobox>
    [ "$COMBO_LIST" = "" ] && COMBO_LIST="<item>${NAME}</item>" || COMBO_LIST="${COMBO_LIST}
<item>${NAME}</item>" # build the list to go into combobox in GUI
    [ "$EXEC_LIST" = "" ] && EXEC_LIST="${NAME}@$EXEC" || EXEC_LIST="${EXEC_LIST}
${NAME}@$EXEC" # build a list which also contains the commands
  done # end for each .desktop file
  COMBO_LIST="$(echo "$COMBO_LIST" | sort)" # sort it alphabetically
  # create the GUI
  RUNASspotGUI="<window title=\"Run as spot $VERSION\">
  <frame>
    <vbox>
      <text><label>Run a program as spot, the restricted user</label></text>
    </vbox>
    <vbox>
      <hbox>
        <checkbox tooltip-text=\"Tick here to run the program in a console window, to see the programs output or errors\">
          <label>Run in Terminal</label>
          <variable>RUN_IN_TERM</variable>
          <default>false</default>
        </checkbox>
      </hbox>
      <combobox>
        <variable>PROGS</variable>
        ${COMBO_LIST}
      </combobox>
    </vbox>
    <hbox>
      <button ok></button>
      <button cancel></button>
      <button help>
      <action>Xdialog --title \"Run as spot $VERSION\" --msgbox \"'Spot' is a user with restricted privileges.\n\n \
The home folder for spot is /root/spot - the only folder where spot has full control.\n\n \
Unlike 'root' the super (admin) user, spot can't modify system files, in /bin, /usr/sbin, etc.\n \
Any programs run by 'spot' have the same restricted privileges, and can't modify the system. \n\n \
It is therefore considered more secure to run programs like browsers, etc, as 'spot'. \n \
If running programs as spot, all files must be saved, edited, etc, in /root/spot.\n\n \
This tool simply runs the chosen program as 'spot', with restricted privileges.\n \
Tick 'Run in terminal' to see any program output, errors and messages in a console.\n\n \
Some programs need admin (root) privileges and won't work running as spot.\n \
This generally includes programs that install, remove or modify system files and settings.\n \" 0 0 &</action>
      </button>
    </hbox>
  </frame>
</window>"
  export RUNASspotGUI
  # get variables from GUI, if not cancelled, check values, and execute the appropriate command as 'spot'
  RETVAL="`$GTKDIALOG -c -p RUNASspotGUI`"
  EXIT=`echo "$RETVAL" | grep '^EXIT=' | cut -f2 -d'=' | tr -d '"' `
  if [ "$EXIT" = "OK" ];then
    # keep the checkbox value in its own variable: the old TERM=... clobbered the terminal type
    RUN_IN_TERM=`echo "$RETVAL" | grep '^RUN_IN_TERM=' | cut -f2 -d'=' | tr -d '"' `
    PROG=`echo "$RETVAL" | grep '^PROGS=' | cut -f2 -d'=' | tr -d '"' `
    # anchor the match on the whole name, so 'Geany' cannot pick up 'Geany Plugins'
    EXEC="`echo "$EXEC_LIST" | grep -m1 "^${PROG}@" | cut -f2- -d'@'`"
    if [ "$RUN_IN_TERM" = "true" ]; then
      $TERMINAL -e su -s /bin/bash spot -c "$EXEC"
    else
      su -s /bin/bash spot -c "$EXEC"
    fi
  else  # user clicked cancel
    exit 1
  fi
else # command line options were given, so just run the command, no GUI
  # quote each argument before handing the line to su -c, so an argument such as "my file.txt"
  # is still one word after the spot shell re-parses it (with a bare "$@" only the first word
  # was the command and the rest became positional parameters of that shell)
  CMD=""
  for ARG in "$@"; do CMD="$CMD '$(printf '%s' "$ARG" | sed "s/'/'\\\\''/g")'"; done
  su -s /bin/bash spot -c "$CMD"
fi
exit 0
Attachment: spot.png (117.01 KB)

_________________
Akita Linux, VLC-GTK, Pup Search, Pup File Search
Q5sys


Joined: 11 Dec 2008
Posts: 1123

PostPosted: Mon 03 Jun 2013, 20:56    Post subject:  

awesome work!
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Tue 04 Jun 2013, 06:29    Post subject:  

From a user's point of view, what would be different?
I mean, how would I notice that I am now spot instead of root?

I think of saving a picture to the sda1 HD from Firefox.
Would it ask for a password each time? Would it refuse to save it
and only allow it to save to the Spot directory, and if I want to move it
from there to the HD would it have permissions set to only be viewed
in Spot?

How does it behave from the user perspective?

Edit: thanks to Scottman below for that detailed explanation. Would not the downloaded things still end up in Spot and not be allowed to be moved?
Why else use spot if it does not protect? I am a noony obviously

_________________
I use Google Search on Puppy Forum
not an ideal solution though

sc0ttman


Joined: 16 Sep 2009
Posts: 2393
Location: UK

PostPosted: Tue 04 Jun 2013, 07:36    Post subject:  

nooby, you can set different GTK themes for different users, so the programs they use will look different... The easy way to do this is to make sure you don't have the files /root/spot/.gtkrc and /root/spot/.gtkrc.mine ... If you don't have the same GTK theme settings (gtkrc etc) in both /root and /root/spot then the programs will look different depending on whether they are run as root or not. If run as root, programs will look 'normal'; if not, they will have different (probably uglier) theme settings. Hope that's clear.

EDIT: I attached a screenshot, so you can see.. The 1st is run as root, the second is run as spot (using `run_as_spot vlc-gtk` in akita)
Attachments: vlc-root.png (36.52 KB), vlc-spot.png (32 KB)


_________________
Akita Linux, VLC-GTK, Pup Search, Pup File Search
jamesbond

Joined: 26 Feb 2007
Posts: 2352
Location: The Blue Marble

PostPosted: Tue 04 Jun 2013, 09:10    Post subject:  

Ted Dog wrote:
Nice a central script for run as spot... Could you add a control flag to run as root. I generally edit seamonkey-spot to seamonkey-bin to get around the issues of download corruptions and upload errors when ever I edit stuff as root and need to do something with the files upload/download using seamonkey to my webserver.

Instead of using "seamonkey-spot" just use "seamonkey" and it will run as whatever logged in user you are in.
Same for firefox - just use "firefox" instead of "firefox-spot", etc.

Quote:
However if we could run all apps as spot it should reduce those types of issues.
Could you give us a taste of the script in the next release of FatDog64?

Yes you already can. Go to Control Panel --> System --> User manager and create a new user (don't forget to set the password too). After you create a new user you can launch a second desktop too. Switch between desktops by pressing Ctrl-Alt-Fxxx (the first desktop is F4, second is F5, third is F6, etc).

While there, you can also choose whether you want to be automatically logged in as "root" or as any other user. If you don't like autologin (as root or as any other user), go to Control Panel --> System --> Login manager to choose how to log in to the system; you have 3 choices: autologin, console login, or graphical login.

It's all in the login FAQ.

sc0ttman wrote:
I've looked at your script james, and I've no idea what half of it does (other than the obv).. What's all the Xauthority stuff? Can I get an 'in english for dummies' explanation?

Xauthority is the (old) security model of the X server to prevent anyone who happens to know your IP address from connecting to your Xorg and displaying an annoying popup ad banner message. But relax, this won't happen in Fatdog or Puppy because in both, the X server is configured *not* to listen on any IP address.

It is there because when running Fatdog with the slim graphical login manager, slim creates an X authority file, and if that file isn't made available to spot, spot will not be able to display anything on screen. On regular sessions (ie console login / autologin), Xauthority isn't used.

Quote:
Akita has had a "Run as Spot" menu item in its main menu since around the time fido was first developed - cos fido stuff was too hard, so I ended up adding spot as a real user, correcting /dev permissions etc, adding the popup user login thing, etc (repeating half of pizzagoods barrys work to get there) - long story short, having done that, akita can run firefox, vlc etc as spot, with the cmd `run_as_spot $1` (sound works, etc)

The script run_as_spot basically contains
Code:
su -s /bin/bash spot -c "$@"

Fatdog's run-as-spot script used to be a one-liner like that, but there are a few other things that need to be set properly, otherwise certain apps will not run.
What it does:
1. Copy Xauthority as explained above.
2. Set $XDG_* environment variables needed by many freedesktop-compliant programs such as geany, libreoffice, chromium, etc.
3. Make sure after switching to spot we stay in the current directory (if the current directory is readable by spot)
4. Make sure if the app requires arguments that have spaces in them, the spaces are preserved and passed correctly after switching to spot.

_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread
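The four items jamesbond lists, together with the Xauthority hand-off he explains in the same post, as an added example in POSIX sh. This is illustrative code written for this discussion, not the Fatdog run-as-spot script from the attachment (whose contents are not reproduced on this page). It assumes the unprivileged user is named spot with home /root/spot, that su understands -s and -c (util-linux or busybox), and the function names quote_args, share_xauthority, build_spot_command and run_as_spot are hypothetical.

```shell
#!/bin/sh
# Added example: a minimal run-as-spot in POSIX sh, written for this thread.
# Not the Fatdog script; it implements the four points from the post above.
# Assumptions: user 'spot' with home /root/spot; su accepts -s SHELL and -c CMD.
SPOT_USER=${SPOT_USER:-spot}
SPOT_HOME=${SPOT_HOME:-/root/spot}

# Point 4: single-quote every argument, so that when su's -c string is re-parsed
# by spot's shell, "my notes.txt" is still one argument.
quote_args() {
    out=''
    for a in "$@"; do
        q=$(printf '%s\n' "$a" | sed "s/'/'\\\\''/g")   # ' -> '\''
        out="$out '$q'"
    done
    printf '%s\n' "${out# }"
}

# Point 1: under a display manager such as slim, X clients need the session cookie,
# so spot gets a private copy. Autologin/console-started X has no cookie file: no-op.
share_xauthority() {
    [ -n "$XAUTHORITY" ] && [ -f "$XAUTHORITY" ] || return 0
    cp "$XAUTHORITY" "$SPOT_HOME/.Xauthority" &&
    chown "$SPOT_USER:$SPOT_USER" "$SPOT_HOME/.Xauthority" &&
    chmod 600 "$SPOT_HOME/.Xauthority" || return 1
    XAUTHORITY=$SPOT_HOME/.Xauthority
    export XAUTHORITY
}

# Points 2 and 3: build the string handed to su -c. Everything in it runs as spot,
# so the cd fails (and falls back to spot's home) exactly when spot cannot read
# the current directory, and the XDG_* variables point freedesktop apps at spot's home.
build_spot_command() {
    vars="HOME=$(quote_args "$SPOT_HOME")"
    vars="$vars XDG_CONFIG_HOME=$(quote_args "$SPOT_HOME/.config")"
    vars="$vars XDG_CACHE_HOME=$(quote_args "$SPOT_HOME/.cache")"
    vars="$vars XDG_DATA_HOME=$(quote_args "$SPOT_HOME/.local/share")"
    [ -n "$XAUTHORITY" ] && vars="$vars XAUTHORITY=$(quote_args "$XAUTHORITY")"
    printf '%s\n' "export $vars; cd $(quote_args "$PWD") 2>/dev/null || cd $(quote_args "$SPOT_HOME"); exec $(quote_args "$@")"
}

run_as_spot() {
    [ "$#" -ge 1 ] || { echo "usage: run-as-spot COMMAND [ARG...]" >&2; return 2; }
    if [ "$(id -u)" != 0 ]; then
        exec "$@"   # already unprivileged (e.g. inside a spot shell): nothing to switch
    fi
    share_xauthority || echo "run-as-spot: warning: could not copy $XAUTHORITY for $SPOT_USER" >&2
    # DISPLAY is inherited: su is used without '-', so no login shell and no environment reset.
    exec su -s /bin/sh -c "$(build_spot_command "$@")" "$SPOT_USER"
}

# Dispatch only when invoked as the run-as-spot script itself (e.g. /usr/bin/run-as-spot), not when sourced.
case "$0" in *run-as-spot*) run_as_spot "$@" ;; esac
```

Usage is the same as the attached script: `run-as-spot geany "my notes.txt"`. What this buys you is filesystem and process separation only: spot still talks to the same X server as root, and X11 gives clients on one display no isolation from each other, so a compromised browser running as spot can still read keystrokes of root-owned windows. Keeping the X server off TCP, as jamesbond notes, is what stops remote clients; it does not separate local ones.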
Smithy


Joined: 12 Dec 2011
Posts: 495

PostPosted: Sun 08 Mar 2015, 06:18    Post subject: Re: Script to run everything as 'spot'  

jamesbond wrote:

How to use:
1. Gunzip, then chmod +x the script.
2. Copy it to /usr/bin
3. Prefix any app you want to run with "run-as-spot".


Enjoy. Feedback and contributions welcome.


Sorry if I am a bit thick, but number one (1.) is change the permission so it is executable?

3. Can a prefix be applied to a .desktop file (say firefox)? in the exec bit.
Could you show us a template or two.

Reason I ask is because the Fatdog 64 runs seamlessly with the spot and that firewall is tight. A good combo there jamesbond.

But I was trying 01micko's browse as spot on a regular puppy and it wouldn't work properly, was moaning about some firefox profile or something. I was hoping spot might just use the executable and that's it.

And can spot be applied to certain aspects of an app? Was thinking about wine aspects after mikeb mentioned mbr wipes occasionally.
jamesbond

Joined: 26 Feb 2007
Posts: 2352
Location: The Blue Marble

PostPosted: Sun 08 Mar 2015, 09:13    Post subject: Re: Script to run everything as 'spot'  

Smithy wrote:
Sorry if I am a bit thick, but number one (1.) is change the permission so it is executable?
Yes.

Quote:
3. Can a prefix be applied to a .desktop file (say firefox)? in the exec bit.
Could you show us a template or two.

Sure. In terminal, instead of typing "firefox" to run the web browser, you type "run-as-spot firefox".

In firefox.desktop file, you usually have the line "Exec=firefox" so change that to "Exec=run-as-spot firefox".

Quote:
Reason I ask is because the Fatdog 64 runs seamlessly with the spot and that firewall is tight. A good combo there jamesbond.
Thanks.

Quote:
But I was trying 01micko's browse as spot on a regular puppy and it wouldn't work properly, was moaning about some firefox profile or something. I was hoping spot might just use the executable and that's it.

You can always open a terminal and do "run-as-spot sh" to get a new shell that runs as spot, proper. From there you can try to run firefox directly, and see any error messages you get. If you've got errors it's most likely because the permissions are not set correctly. E.g. sometimes the browser's profile under spot (/root/spot/.mozilla) is linked to an external partition outside the savefile (/mnt/sdb5 or something) but spot doesn't have access to that partition. This needs to be solved: either you give spot permission to that partition, or move the browser profiles to somewhere else that spot has access to.

Quote:
And can spot be applied to certain aspects of an app? Was thinking about wine aspects after mikeb mentioned mbr wipes occasionally.
No. If you run a program under spot, then "all-aspects-of-it" will be running under spot. A program that needs to run under multiple privilege levels (sometimes as root, sometimes as spot) can't be run as "spot"; it must always be run as root first, and it is up to the program to downgrade its access level to a non-root user. There are other ways of achieving this, but until aufs supports extended attributes this alternative method isn't going to work on Puppies (or Fatdog, for that matter).

Hope that helps.

_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread
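A diagnostic for the "spot cannot reach the profile" case jamesbond describes above (a profile under /root/spot that is really a symlink onto a partition spot cannot enter), as an added example. This is illustrative code for this thread, not part of Fatdog or Puppy; it assumes the user is named spot, that su accepts -s and -c, and that readlink -f exists (GNU or busybox). The names as_spot, first_denied and spot-access-check are hypothetical.

```shell
#!/bin/sh
# Added example: report the first path component that 'spot' cannot get through.
# Illustrative code for this thread, not Fatdog's or Puppy's own tooling.
SPOT_USER=${SPOT_USER:-spot}

# Run one shell test as spot. Redefine this (e.g. as_spot() { sh -c "$1"; })
# to exercise the walk as the current user instead of switching to spot.
as_spot() {
    su -s /bin/sh -c "$1" "$SPOT_USER"
}

# Print the first component of PATH (after resolving symlinks) that spot cannot
# traverse or read, and return 1; print nothing and return 0 when spot can reach it.
# Directories on the way need search permission (x); the final entry needs read (r).
first_denied() {
    path=$1
    case "$path" in *\'*) echo "first_denied: single quotes in path unsupported" >&2; return 2 ;; esac
    # resolve symlinks first: a profile linked to /mnt/sdb5/... must be checked where it really lives
    real=$(readlink -f "$path" 2>/dev/null) || real=$path
    case "$real" in /*) ;; *) real="$PWD/$real" ;; esac
    prefix=''
    rest=${real#/}
    while [ -n "$rest" ]; do
        part=${rest%%/*}
        case "$rest" in */*) rest=${rest#*/} ;; *) rest='' ;; esac
        [ -n "$part" ] || continue
        prefix="$prefix/$part"
        if [ -z "$rest" ]; then
            check="test -r '$prefix'"
        else
            check="test -x '$prefix'"
        fi
        if ! as_spot "test -e '$prefix' && $check"; then
            printf '%s\n' "$prefix"
            return 1
        fi
    done
    return 0
}

# When saved as e.g. /usr/bin/spot-access-check, report on the path given on the command line.
case "$0" in
    *spot-access-check*)
        if bad=$(first_denied "$1"); then
            echo "spot can reach $1"
        else
            echo "spot is blocked at: $bad (chmod/chown it, or move the profile under /root/spot)"
            exit 1
        fi ;;
esac
```

Run it as root, e.g. `spot-access-check /root/spot/.mozilla`, before reaching for `run-as-spot sh`: it names the exact directory (often the mount point of the external partition) that needs a chmod or chown, rather than leaving you to guess from firefox's "profile missing" dialog.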
Smithy


Joined: 12 Dec 2011
Posts: 495

PostPosted: Sun 08 Mar 2015, 17:13    Post subject:  

Yes it does help thanks, I've been wanting to try spot for yonks but it seemed a bit complicated, this should be easy now.
Smithy


Joined: 12 Dec 2011
Posts: 495

PostPosted: Mon 09 Mar 2015, 05:50    Post subject:  

Blast, it doesn't work.
Altered the firefox desktop file
Code:
[Desktop Entry]
Encoding=UTF-8
Name=Firefox web browser
Icon=firefox.png
Comment=Firefox web browser
Exec="run-as-spot firefox"
Terminal=false
Type=Application
Categories=X-Internet-browser
GenericName=Firefox

Tried with and without the "brackets" surrounding the exec
Downloaded Geoffrey's Paint programme and Lazz Paint.
And it let me install them both.
Checked usr/bin/run as spot script.
Opened in terminal.
Code:
sh: : command not found
Script competed. Hit return to close window

Any ideas.
mikeb


Joined: 23 Nov 2006
Posts: 9939

PostPosted: Mon 09 Mar 2015, 07:00    Post subject:  

A bodge is never going to work as well as doing it properly...wine is another awkward one.

I made puppy 2.12 and 4.12 true multiuser with slim login manager some years ago..I might do lucid if it snows.

It was not rocket science even for an idiot like me so why has it never been done with puppy releases? Only really makes sense if looked upon as a live cd that never gets installed...mind you SLAX manages it ok and its a live CD.

Not really pursued it as it seems a waste of time anyway for our general use, and being a true user is awkward, especially with puppy and its weird scripts and methods, though feeding off such as ubuntu should mean it works better now.

On the other hand if you want to run a server (use puppy for that... NEVER!!!) or have machines in public use or a family with bad habits then true multiuser would be of benefit.

mike

mavrothal


Joined: 24 Aug 2009
Posts: 2170

PostPosted: Mon 09 Mar 2015, 07:10    Post subject:  

Smithy wrote:
Blast, it doesn't work.
Altered the firefox desktop file

JWM/Rox do not read the desktop file
You should change /root/.jwmrc (for the menu entry) and /usr/local/bin/defaultbrowser (for the desktop icon).
The desktop file works with other window managers

_________________
Kids all over the world go around with an XO laptop. They deserve one puppy (or many) too Very Happy
Smithy


Joined: 12 Dec 2011
Posts: 495

PostPosted: Mon 09 Mar 2015, 08:31    Post subject:  

Ok, usr/local/bin default browser, that works, thanks mavrothal.
Is there any way to alter the script so it just works on the firefox executable, or does it have to use profiles (I suppose it does)? It keeps locking out, can't find the profile.
Any way to make the script point to the profile?

Sort of "please find xnxxjhxhfj.default folder."

I do recognise the usefulness of limiting execution of downloads, I think it's a good idea, and you can still in an instant just go and wreck/alter your puppy which we all like to do from time to time.
I agree mike, restricted user would be total crap.
Someone's making a server puppy I think