Setuid bit question

Shell Scripting & Linux Command Line
1

I am a bit at loss, with a rather trivial question:

I have a shell script to compare and copy some of my personal files into a certain system folder, namely

/var/www/html and its ownership and permissions are:

drwxr-xr-x  4 root root 4096 Sep 23 01:46 html/

So, my script is globally executable as:

-rwsr-xr-x 1 root root 248 Sep 17 12:52 /usr/local/bin/rel.sh*

Still, when I execute it, it keeps telling asking me things like:

cp: cannot remove '/var/www/html/math.js': Permission denied

And yet: invoked with sudo, everything’s fine.

I always thought, if the setuid bit was set (it is, as you can see), the program should run with the owner’s (here: root) privileges and hence should not require further authentication.

Am I getting this wrong or is this a particularity of Ubuntu or Debian based distributions? Any enlightening comment would be appreciated.

PS: I’m not looking for a solution to the file copy issue. I know many ways to achieve this, but I’d simply like to understand why this particular attempt to solve it, fails.

1 Like
2

This has a clear look at uid:
https://developpaper.com/detailed-explanation-of-root-permission-control-in-linux-system/

3

that’s always been a curly one for me - in 25 or more years using NIX, I’ve never gotten my head around setuid and things like sticky bits…

1 Like
4

Thank you for providing the link @kgwoo! Unfortunately, the text doesn’t contain the slightest bit of information relevant to my question.

5

Good to know. Makes me feel a bit less stupid.

6

Hopefully this post answers your question:

Starting with the sentence " Linux ignores the setuidÂą bit on all interpreted executables (i.e. executables starting with a #! line)."
For me its TLDR; but seems totally relevant :smiley:

2 Likes
7

Hmmm, it is simply a more formal way of saying what the post that kovacslt posted… :open_hands:

8

That’s the solution! You’re the boss!

I didn’t know that, now I know.

2 Likes
9

Also, nice to know, that according to the article, Perl scripts are exempt from the rule, due to the fact that the Perl compiler “performs the necessary checks and reinvokes the interpreter on the desired scripts with the desired privileges”.

I just tried - and yes, no problem.

2 Likes
10

I didn’t know as well…
Just found a link with a lucky search query…
:smiley:

2 Likes