Ruby gem executable with SUID not working as it should
As you may see by the image below, I changed the ownership of my emerald_setupscript to root:root and also set the SUID.
It happens that when I install the gem and check this script, it belongs to edvaldo:edvaldo (my user name) and has no SUID at all!
I don't know exactly what is happening, but this script makes changes to /etc/hosts and also creates some firewall rules. This requires root privileges.
So, my questions are:
What am I missing in this case of the SUID?
How must I proceed to make sure the gem executable will have the SUID set?
Of course I know I could ask the user to run this script using
$ sudo emerald_setup
but this would lead me to another problem, since the gem executable is installed in user space and its location is NOT in superuser's path and setting this (guess what?!) requires superuser privileges.
Any suggestions?
You cannot pack up a program/script with suid privileges in a gem (or even a tarball) and have those privileges be restored when unpacking as a regular user. At some point, whoever installs your gem is going to have supply the password for root access. You could arrange for this to happen when the gem is installed by having the :install target of the gem Rakefile run a script which would prompt the user for su(do) password and then use sudo to run the commands that need to be run as root, though.
- Add http(s) to URL if it's not there?
- How to see absolute paths in swagger for sinatra (rswag)
- zsh script command not finding ruby gem
- Ruby 2.6.5 and PostgreSQL pg-gem segmentation fault
- Running `zat create` or `zat validate`, gives error `translate': wrong number of arguments (given 2, expected 0..1) (ArgumentError)
- Why does Ruby have both private and protected methods?
- How do I search within an array of hashes by hash values in ruby?
- Watir-webdriver - force firefox to close
- Why don't transparent huge pages work for a program spawned from within Ruby?
- uninitialized constant ActiveSupport::LoggerThreadSafeLevel::Logger (NameError)
- What is a Ruby factory method?
- Is it possible to configure the IRB prompt to change dynamically?
- Why does my rails 8 app create these mysterious annoying files?
- Rails ActionMailer default-method used in two classes: What's the difference?
- I try to create a carbon footprint calculator using ruby on rails 7. But I can't save and the user's object
- Clearing Fragment Caching from Console
- How to get HTML of DOM element in Capybara?
- undefined method `exists?' for File:Class (NoMethodError)?
- Ruby-Selenium WebDriver 3.142.6: Unable to upload file due to "Selenium::WebDriver::Error::UnknownCommandError:"
- ruby 2.0 rails gem install error "cannot load such file -- openssl"
- Managing many Ruby on Rails applications of different versions
- PubNub Ruby SDK: Celluloid::DeadActorError: attempted to call a dead actor: fetch_average
- How to find and return a duplicate value in array
- `to_specs': Could not find 'railties' (>= 0) among 8 total gem(s) (Gem::LoadError)
- faster n choose k for combination of array ruby
- How to exclude files/directories when running a Cucumber Rake task?
- Ruby on rails no method error controller home
- How to fix error in Rails Authentication generation with RSpec?
- How to group combined AND with OR statements using the Sequel GEM in Ruby?
- How to use parallel_tests in github actions