0

I need to run the /sys/bus/usb/drivers/bind and its companion /sys/bus/usb/drivers/unbind from a Python script WITHOUT touching the sudoers file.

The main issues is that I can't use sudo from the Python script, so I need to make bind/unbind runnable by the normal user (I can't run the Python script as root either).

Update: I created a group, added the normal user and root to that group and did

chmod root:mygroup

The commands I want to access without having to use sudo or provide a password are:

/sys/bus/usb/drivers/usb/bind /sys/bus/usb/drivers/usb/unbind

They have the following permissions:

-rwxrwxrwx 1 root mygroup  # (for bind)
-rwxrwxrwx 1 root mygroup  # (for unbind)

Also, the folders leading up to the two programs/commands (namely /sys/bus/usb/drivers/usb/) have this:

drwxr-xr-x 2 root root

I still get "permission denied" but if I **keep all configurations plus a chmod 777** on the bind and unbind files it works, where is my error?

jww
  • 97,681
  • 90
  • 411
  • 885
A R
  • 500
  • 2
  • 7
  • 20
  • 1
    Create a setuid wrapper. – Charles Duffy Aug 09 '19 at 16:04
  • 1
    ...see [setuid setgid wrapper for python script](https://stackoverflow.com/questions/24541427/setuid-setgid-wrapper-for-python-script) for an example of someone else doing that. – Charles Duffy Aug 09 '19 at 16:05
  • Do I need to use C for this? Can't I do it from Python? – A R Aug 09 '19 at 17:02
  • 1
    You need to use C, or some other language that compiles to a binary executable. Operating systems following modern security practices don't honor the setuid bit on scripts. – Charles Duffy Aug 09 '19 at 20:15
  • Remove the write bit for world from those executables. Never set permissions to 777! – Dennis Williamson Aug 09 '19 at 21:31
  • Did your normal user log out and back in after you added them to the group? – Dennis Williamson Aug 09 '19 at 21:37
  • [Allow setuid on shell scripts](https://unix.stackexchange.com/q/364), [How can I use SetUID on a shell script to run as a non-root user?](https://serverfault.com/q/397969), [Why do my setuid root bash shell scripts not work?](https://stackoverflow.com/q/33565729/608639), [setuid/setgid wrapper for python script](https://stackoverflow.com/q/24541427/608639), [Setuid bit on python script : Linux vs Solaris](https://stackoverflow.com/q/8314012/608639), [How to set the setuid bit in a program of a non-root user?](https://stackoverflow.com/q/9536846/608639) and friends. – jww Aug 10 '19 at 08:48
  • Alright, a small update: setuid is out of the question since I can't use compiled languages. Also, I tried Dennis Williamson's suggestions but turns out the permissions and ownerships for those two binaries ARE BEING RESET ON REBOOT. – A R Aug 12 '19 at 14:39

0 Answers0