1

In my GO scenario, I have a function that might be called or not. This function has this statement:

bpfPath := fmt.Sprintf("/dev/bpf%d", i)
f, err = os.OpenFile(bpfPath, os.O_RDWR, 0666)

However, the file /dev/bpf0 could be opened only with sudo.

Is it possible to ask a user for permission for sudo only in case when I call to open this file, in runtime?

Timur
  • 488
  • 4
  • 14
  • 1
    I am not sure what are you asking: are you trying to know that the error is caused due to a non-root account and report to user so, or are you trying to ask the user to provide permission and then try that part again with other data remained in runtime? – leaf bebop Apr 17 '21 at 14:55
  • @leafbebop the second. I want right before opening the file I want to ask a user for sudo. – Timur Apr 17 '21 at 15:31
  • 2
    You can't add privilege to an already running program. You might try one of two things: restart the program via [`sudo` (or a privileged wrapper program)](https://golang.org/pkg/syscall/#Exec); invoke a helper program (you will likely have to write that for your needs) that passes an opened file descriptor (via a [unix domain socket](https://stackoverflow.com/questions/909064/portable-way-to-pass-file-descriptor-between-different-processes)) to your running program. – Tinkerer Apr 18 '21 at 01:24
  • 2
    You can't elevate the permissions of a unix process during runtime - even with `sudo`. You can run a sudo subprocess via `cmd.Exec()` - but that process will not be part of your main go program. You could probably `cmd.Exec` `sudo cat /dev/bpf1` and read the process `Stdout` to get the privileged file content. You'll all have to set `NOPASSWD` rules in the `sudoers` file to ensure you don't get password prompted for this particular command (as password submission to a tty will get very tricky). – colm.anseo Apr 18 '21 at 01:36

0 Answers0