Effective user id does not change after making the file owned by root

StackOverflow https://stackoverflow.com/questions/18937775

Question

I'm currently reading a book on programming with C, I got to a part where I've got to write a program which will display the real uid and effective uid that the file is being executed on. After compiling the code with gcc, I input the command to see the current uOwner and gOwner ls- l id_demo the output is this:

-rwxrwxr-x 1 user user 8629 Sep 21 13:04 id_demo

I then execute the program itself, this is what I get:

real uid: 1000 effective uid: 1000

...so far so good. I then input a command to change the owner of the file:

sudo chown root:root ./id_demo

The ls -l confirms that the owner has been changed to root:

-rwxrwxr-x 1 root root 8629 Sep 21 13:04 id_demo

Again, executing the program shows real uid and uid as 1000. The last step after which the uid must be 0 is this: sudo chmod u+s ./uid_demo but for me they stay as 1000, where in the book the output is clearly show to be this:

real uid: 1000
effective uid: 0

Any ideas why is this happening?

UPDATE

id_demo source code:

#include <stdio.h>

int main ()
{
    printf("real uid: %d\n", getuid());
    printf("effective uid: %d\n", geteuid());
}

UPDATE 2 Screen shots

            ss #1

              ls -l testuid

PLEASE HELP. I'm going crazy I spent 6+hour looking for the solution and I need to move on.

Was it helpful?

Solution

We've figured it out. The cause is an ecryptfs-mounted home directory. The mount output contains the following line:

/home/evgeny/.Private on /home/evgeny type ecryptfs

That means that the home directory isn't actually part of the root filesystem (that has the necessary suid flag), but its own virtual filesystem that apparently doesn't support setuid binaries by default. I have successfully reproduced the issue with a test user that has an encrypted home directory.

It is possible to add the suid flag to the ecryptfs with the following command:

sudo mount -i -o remount,suid /home/evgeny

I'm not certain though how safe that is, nor how to change it permanently so that it would survive reboots.

OTHER TIPS

This works for me:

compile

$ gcc uid_demo.c -o uid_demo

$ ll
total 12
-rwxrwxr-x 1 saml saml 6743 Sep 21 17:05 uid_demo
-rw-rw-r-- 1 saml saml  116 Sep 21 16:58 uid_demo.c

chown

$ sudo chown root:root uid_demo
$ ll
total 12
-rwxrwxr-x 1 root root 6743 Sep 21 17:05 uid_demo
-rw-rw-r-- 1 saml saml  116 Sep 21 16:58 uid_demo.c

chmod

$ sudo chmod u+s uid_demo
$ ll
total 12
-rwsrwxr-x 1 root root 6743 Sep 21 17:05 uid_demo
-rw-rw-r-- 1 saml saml  116 Sep 21 16:58 uid_demo.c

run

$ ./uid_demo 
real uid: 500
effective uid: 0
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top