Error after setting SUID bit

asked 2020-07-23 03:29:50 -0500

Ivan4815162342
5 ●8 ●10 ●13

Hello,

I write my ros node, which called zero_node and I need to run this node with root rights. For that I changed owner:

sudo chown root zero_node

and set SUID bit:

sudo chmod +s zero_node

But when I run my node, I get this error: "./zero_node: error while loading shared libraries: libxmlrpcpp.so: cannot open shared object file: No such file or directory"

If I run it withou SUID bit everything works fine, but without root rights of course. Do you have any ideas what I am doing wrong or maybe another ways to run ros node with root rights?

edit retag flag offensive close merge delete

Comments

It's likely setting the SUID bit causes the executable loader to sanatise the environment before starting the binary.

As libxmlrpcpp.so is not on the sanatised linker load path (ie: library search path), it cannot be found, and thus your binary cannot be started.

gvdhoorn ( 2020-07-24 08:55:17 -0500 )edit

Interesting, and what should I done to solve this problem?

Ivan4815162342 ( 2020-08-06 03:49:06 -0500 )edit

Not run things as root. That's typically not a good idea.

I need to run this node with root rights.

can you clarify why?

There may be other ways to achieve what you need to do, but without more information we cannot suggest any.

Also note: this is not a ROS problem, but a general system configuration one.

It's likely any binary which (tries to) link(s) libraries in locations not on the default linker search paths run into this problem when trying to run them as root (either directly or via setuid).

gvdhoorn ( 2020-08-06 03:51:05 -0500 )edit

Sorry, I had to clarify what I am doing. I am writing a rosnode that launches several other nodes and tracks their topics. In particular, I start a lidar node, but for this node to work, the permissions on /dev/ttyUSB0 must be changed. In the future, I want to start my node with a daemon and that node will run autonomously, which means I won't be able to enter the password for chmod every time I start my node. I have one solution - to allow the sudo chmod command to run without a password, but I think this is not a good idea from a security standpoint. And the second solution is to change the owner of my binary and set the SUID bit, but that doesn't work. So, I would really appreciate it if you can help me with this problem and suggest a better solution.

Ivan4815162342 ( 2020-08-06 04:17:06 -0500 )edit

After your last comment this appears to be a clear example of an xy-problem.

gvdhoorn ( 2020-08-06 04:40:02 -0500 )edit

add a comment

answered 2020-08-06 04:39:06 -0500

gvdhoorn
86574 ●283 ●1432 ●1054 http://cor.tudelft.nl/

updated 2020-08-06 04:41:55 -0500

I start a lidar node, but for this node to work, the permissions on /dev/ttyUSB0 must be changed.

giving access to device files is typically done by changing the ownership of the device file to a group, and then adding the users which need access to the group.

If /dev/ttyUSB0 is owned by dialout for instance, you'd add the user to the dialout group. See debian.org/SystemGroups and search for dialout.

There should be no need to run anything as root then.

In general: do not run ROS nodes as root. Try to avoid that at all costs. As there is no security in ROS 1, you are essentially opening a server socket to a process running with root privileges. That's not a good thing to do.

Comments

Thank you for your advice,It works for me!

Ivan4815162342 ( 2020-08-06 06:17:20 -0500 )edit

add a comment

Error after setting SUID bit

Comments

1 Answer

Comments

Question Tools

Stats

Related questions

Error after setting SUID bit edit

Comments

1 Answer

Comments

Question Tools

Stats

Related questions

Error after setting SUID bit