INTRODUCTION ------------ root is a nice little program helping you with your daily administration tasks. Because I got tired from typing super user passwords I designed this program using ideas from some friends of mine. root allows you to gain root permissions to easily obtain a shell or to simply execute a single command. But root is not limited to the super user's id. Every user may switch to any other administrative or non-administrative user ID depending on his/her rights determined by a central configuration file. As a matter of laziness, I choose the shortcut "+" for my program. Obviously, "#" would have been closer to the conventions, but the Bourne shell does not allow commands to be named that way. On the other hand, the C-shell does allow such a naming convention and so you may find it nice to change the Makefile when you are a C-shell user (which in fact I am not). HOW CAN I USE ROOT? ------------------- There are two ways in which root may be installed. 1) The program will be built and installed in a private directory, therefore executable for a single user or members of a single group. Everybody, who may execute the program will get super user permissions without having to enter a password. In this case, you will normally undefine the STRICT option in config.h to allow every operation specified by the invoking user. 2) The program will be built and installed in a public directory (e.g. /local/bin) and is therefore executable for every user in the system. Access to super user permissions will be controlled by a configuration file /etc/root.conf. Every user who is allowed to switch to a different identity must be entered in the configuration file. For instance, the lines pete root, news deborah news would allow user pete to gain super user, and news permissions while user deborah is allowed to do news administration only. Note that in the above example, pete may switch only to user "root" and "news" in the first place. However, when he has gained super user permissions, he may switch to any user id he wants using su(1). For this reason, root does not check the configuration file any more, when the invoking user has got the real (not effective!) user id 0. INVOKING ROOT ------------- There are three ways in which root may be invoked. - Without arguments, root will simply spawn a new shell with the newly obtained permissions, for example: $ + $ + -u uucp -h - With arguments, root will execute a single command with the selected permissions, for example: $ + vi /etc/gettydefs $ + cp /dev/null /etc/wtmp - Invoked using the -c option, root will also execute a single command, but a separate shell process will be used. Therefore, a complete pipeline may be passed to root where every process in the pipeline runs with the same permissions. root will use the shell specified in the environment variable SHELL or, if not available, in the user's entry in /etc/passwd. If you want to use a different shell, change SHELL. Using the Bourne shell, for instance, you may type: $ SHELL=/bin/csh + -u sarah -h -c "prog1 |& prog2" which will use the C-shell to execute the pipeline "prog1 |& prog2" in the sarah's home directory with sarah's user permissions. There are three ways, in which an identity may selected. - Named "root" or "+" without using the -u option, root will try to change to super user permissions. However, an entry called "root" must exist in /etc/passwd. - Using the -u option, you can tell root to look for a different entry in /etc/passwd. root switches to the given uid and gid of that entry. When a shell must be invoked (-c option) and the environment variable SHELL is not set, root also uses the login shell field of that entry - If such a link is available, you can call root by a name consisting of a "+" and a user's login name, for example "+uucp", "+lp" or "+news". However, this works as if you had specified the -u option but in the long run, you will find this shortcut very convenient to use. HOW TO COMPILE ROOT ------------------- (1) First edit config.h and set the options you want by defining or undefining option labels. However, up to this day, there only a single option called STRICT. When STRICT is turn on (defined), a configuration file /etc/root.conf must exist for root to do it's work (with the exception of the super user executing the program, where root ignores the configuration file anyway). When STRICT is turned off (undefined), every operation is possible the invoking user may switch to any user id he wants. Be careful to install root in a secure program when you do this. This is EXTREMELY dangerous. (2) Have a look at the makefile. Perhaps you want to change the installtion directory used in step 4. (3) Type 'make'. root will now be compiled and linked. (4) Switch to super user permissions using su(1) (obviously for the last time in your life :-) and type 'make install'. root will now be installed. (5) If you want, make several new links of the program named +, where stands for any valid user name of your system. This is a convenient shortcut, avoiding the "+ -u " construction on the command line. BUGS AND HINTS -------------- If you find any bugs or if you have any suggestions concerning improvement or style send me a letter: Tim Pritlove tp@climax.fx.sub.org