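#!/usr/bin/env python3
#
# Script used for running executables with custom labels, as well as custom uid/gid
# Process label is changed by writing to /proc/self/attr/current
#
# Script expects user id and group id to exist, and be the same.
#
# From adduser manual:
# """By default, each user in Debian GNU/Linux is given a corresponding group
# with the same name. """
#
# Usage: root@desk:~# python3 notroot.py <uid> <label> <full_path_to_executable> [arguments ..]
# eg: python3 notroot.py 1000 User::Label /bin/ping -c 3 192.168.1.1
#
# Author: Alexandru Cornea <alexandru.cornea@intel.com>
import os
import sys

try:
    # Parse every argument before touching process state, so a malformed
    # command line cannot leave the process relabelled but still running as
    # the invoking user.
    uid = int(sys.argv[1])
    label = sys.argv[2]
    path = sys.argv[3]
    # argv handed to the target: the executable path followed by its arguments.
    child_argv = sys.argv[3:]

    # The label is written before the uid/gid change, as in the original
    # ordering (presumably the write needs the caller's privileges - confirm
    # for the LSM in use). The context manager closes, and therefore flushes,
    # the file here: a label the kernel rejects raises OSError at this point
    # instead of being discarded when an unclosed file object is collected,
    # which would let the target run under the caller's label.
    with open("/proc/self/attr/current", "w") as attr:
        attr.write(label)

    # Drop the caller's supplementary groups first; setgid()/setuid() leave
    # them untouched, so the target would otherwise keep them.
    os.setgroups([])
    # The group must change before the user: once the uid is dropped the
    # process may no longer be permitted to change its gid.
    os.setgid(uid)
    os.setuid(uid)

    # Replaces this process on success; only returns by raising OSError.
    os.execv(path, child_argv)

except (IndexError, ValueError):
    # Missing argument or non-numeric uid. These exceptions carry no
    # .strerror attribute, so they are reported separately from OS errors.
    print(
        "Usage: notroot.py <uid> <label> <full_path_to_executable> [arguments ..]",
        file=sys.stderr,
    )
    sys.exit(-1)
except OSError as e:
    # Label write, privilege drop or exec failed: report and do not continue.
    print(e.strerror or e)
    sys.exit(-1)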