Get actual path for EUID instead of HOME dir #10336

pull snvakula wants to merge 1 commits into bitcoin:master from snvakula:contrib changing 1 files +4 −6
  1. snvakula commented at 11:18 AM on May 4, 2017: none

    Let 'bitcoind' run by user 'bitcoin' in Linux. Chown 'bitcoin-cli' to 'bitcoin:root' and set chmod '4750' (u+s flag). Then every root-privileged user be able to run 'bitcoin-cli' even if 'bitcoind' runs by user 'bitcoin'. For example: 'bitcoin-cli getinfo' or 'sudo bitcoin-cli getinfo'

    We need to patch 'util.cpp' by this pull request to get actual path for EUID instead of HOME dir, when you use 'u+s' flag.

  2. Get actual path for EUID instead of HOME dir a9cc1c4f6d
  3. jonasschnelli commented at 12:04 PM on May 4, 2017: contributor

    Not sure about this. The linux man page states:

    The pw_dir field contains the name of the initial working directory of the user. Login programs use the value of this field to initialize the HOME environment variable for the login shell. [====>] An application that wants to determine its user's home directory should inspect the value of HOME (rather than the value getpwuid(getuid())->pw_dir) since this allows the user to modify their notion of "the home directory" during a login session [<====]. To determine the (initial) home directory of another user, it is necessary to use getpwnam("username")->pw_dir or similar.

  4. fanquake added the label Utils and libraries on May 4, 2017
  5. snvakula commented at 2:08 PM on May 4, 2017: none

    jonasschnelli, when you are root, or run commands by root via sudo, your HOME env is '/root'. So when you try to execute 'sudo bitcoin-cli getinfo' with u+s flag, 'bitcoin-cli' will be ran by user 'bitcoin', but HOME env will be still '/root'. In this case, 'bitcoin-cli' cannot find the bitcoind without current patch.

  6. laanwj commented at 5:27 AM on May 11, 2017: member

    I'd prefer not to introduce this dependency. Most straightforward way would be to make a script that sets $HOME correctly before calling the tools, or passes -datadir or -conf options explicitly.

    OTOH:

    Please don't set-UID bitcoin-cli. This cannot be guaranteed to be secure, there may be lots of ways to get the tool to do something with the permissions that it shouldn't.

    There's also no need to: bitcoind and bitcoin-cli can run as different users. Communication happens over TCP localhost, which all users on the local system can access. They just need the RPC credentials.

    My suggestion would be to put bitcoin.conf in a place that's accessible to the users that need access.

  7. laanwj commented at 4:52 PM on May 23, 2017: member

    Closing this for above reasons (and lack of other feedback)

  8. laanwj closed this on May 23, 2017
  9. DrahtBot locked this on Sep 8, 2021
Contributors
snvakulajonasschnellilaanwj
Labels
Utils/log/libs
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-13 15:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me