2

I have a program I wrote and it accesses hardware (device files) and requires root permissions to run. I would like this program to be executable by a non-privileged user, without the necessity for a root password. I have tried modifying the permissions with sudo chmod u+s programName, reboot, but then the program won't run with sudo ./programName

I can remember doing this, like 12 years ago, but I can't figure it out now. Any tips?

j0h
  • 15,365

1 Answer

3

If you set the owner of your program's executable file to root with

sudo chown root /path/to/program/executable

and then set its setuid bit with

sudo chmod u+s /path/to/program/executable

then you neither need to reboot afterwards nor use sudo. Starting the program normally by name will execute it with root privileges. This will however allow any user to run the program with root privileges, so you should be very sure you programmed it in such a way it cannot be abused to perform other actions than you intended with root privileges.

The first step is essential. The function of the setuid bit is to cause the program to run with the UID of the file owner. If that owner is not root then the program will not have root privileges, even if you run it with sudo, since the setuid bit overrides the effect of sudo.

So either run your program with sudo or set the setuid bit with chmod u+s, but not both.

NB: Instead of running your program with root privilege, it might be better to set the permissions of the device files it accesses to allow the regular user running it the necessary access.

Tilman
  • 3,769