On Jan 27, 2009, at 11:18 PM, Daniel B. wrote:
James G. wrote:
Why would the super user not be able to switch UID’s?
$ sudo ruby -r etc -e ‘Process.uid = Etc.getpwnam(“james”).uid’
-e:1:in `uid=’: Operation not permitted (Errno::EPERM)
Tips of TFM I should go R are welcome.
I seem to recall that setreuid() is busted on OS X, 10.4.x anyway. I
think it’s fixed in 10.5, but I can’t confirm.
I’m on Mac OS X 10.5.6.
I know this has come up before. Check the the ruby-core archives.
I did a few searches, but didn’t find a match. I did find old posts
about how Process.uid= can’t handle negative UID’s which is another
issue I’m fighting, but nothing about this issue.
On Jan 28, 2009, at 8:01 AM, Daniel B. wrote:
If I had to guess, I’d bet Apple replaced setreuid() with seteuid(),
but that’s a guess.
If that were the case, would it maybe be possible to switch users
using Apple’s alternate API?
Unfortunately, this issue is a big snag that’s preventing us from
shipping an application, so I’ve got to find some workaround. I’ve
considered trying to exec() my program adding su/sudo to switch the
user as a possible option. Would that work? I need to switch both
the user and group.
James Edward G. II