How to know if user is root or fakeroot?

Question

I would like to know if user is root, without minding if that user is using a fakeroot-like tool or not.

I tried the functions getuid(), geteuid() and getlogin(), but when I launch fakeroot command each of these sends my own account information instead of root.

For this code:

printf("%d %d %s\n", getuid(), geteuid(), getlogin());

Here is what I get:

% fakeroot ./busybox rm 
1000 1000 julien

When I would like to get something like:

0 0 root

(the login would be enough)

By definition of `fakeroot` you should not be able to make programmatically the difference; at least if the binary is dynamically linked (I guess `fakeroot` uses `LD_PRELOAD` tricks). — Basile Starynkevitch, Sep 07 '13 at 16:55
@BasileStarynkevitch So why, when I enter `fakeroot whoami` do I get `root`? — Julien Fouilhé, Sep 07 '13 at 16:57
That's a little odd -- `fakeroot` should be intercepting `get*uid` calls. Is `busybox` compiled against a static libc? — nneonneo, Sep 07 '13 at 16:57
On my machine both `fakeroot id` and `fakeroot whoami` gives root answers. — Basile Starynkevitch, Sep 07 '13 at 16:58
@nneonneo Ah s***... Yes, that's why, but I have to compile it statically (it's for a school project) and they gave me this example to see if it was working... — Julien Fouilhé, Sep 07 '13 at 17:01
@JulienFouilhé: if they think `fakeroot` will affect a statically linked binary, then they are certainly mistaken. `fakeroot` has no effect on statically-linked binaries. — nneonneo, Sep 07 '13 at 17:02
Yeah, I think they didn't compile it against a static libc and gave us a bad test. — Julien Fouilhé, Sep 07 '13 at 17:05

score 6 · Answer 1 · answered Sep 07 '13 at 16:59

It looks as if your binary (busybox) is compiled against a static libc. fakeroot uses dynamic library preloading to intercept and replace calls to various libc functions, but this only works if your binary is dynamically linked to libc. If it is statically linked, the function calls are bound to the real calls inside the binary, so there is no way to intercept them.

score 4 · Accepted Answer · answered Sep 07 '13 at 17:03

4

nneonneo got the reason right, but here's the solution: Fakeroot-ng. It uses ptrace and system call interception, rather than LD_PRELOAD and library call interception, which makes it compatible with static linking, much more robust, and even able to handle calls made from inside libc (which otherwise would not be hookable).

answered Sep 07 '13 at 17:03

R.. GitHub STOP HELPING ICE

208,859
35
376
711

Oh, that's cute. I figured it was possible with `ptrace` magic; it's nice to know that someone actually did it. – nneonneo Sep 07 '13 at 17:05
BTW right now it's fairly limited due to syscall differences between architectures and lack of resources to support all the archs Linux supports, but with the new "seccomp2" `ptrace` interfaces, it's possible to do syscall interception and filtering in an almost-arch-agnostic way. Adapting Fakeroot-ng to use the seccomp2 approach would make it a lot more portable and practical. – R.. GitHub STOP HELPING ICE Sep 07 '13 at 17:13
@nneonneo Thanks guys, I can't figure out which one of you two got my answer, works perfectly (has to be launched in sudo though) ;) – Julien Fouilhé Sep 07 '13 at 17:13
@R.. has your answer. I just gave the reason :) – nneonneo Sep 07 '13 at 17:15

How to know if user is root or fakeroot?

2 Answers2