Aside: even though this is not a Debian specific question, I often use debian- user as my first resource in asking Linux questions.
Background: 8 years ago I wrote a set of scripts to help me mount and unmount LUKS encrypted partitions as needed and as myself (<myuserid>) rather than as root. Aside: This was (and still is) under Debian Wheezy -- I know I should upgrade. I do have installations of Jessie and Buster on other computers and am getting ready to install Bullseye on another machine which might replace the Wheezy machine (if I can run TDE under Bullseye). Getting these scripts working as intended (that is, using suid) is part of my effort to do that. Problem: I tried to use suid to allow the scripts to be run by me, but with the permissions of root but I could not get that to work. Aside: I do run those scripts with the aid of a (compiled) c helper program that switches to root and then runs the appropriate script (setuid( 0 ) and then system( "<bash_script_filename>" ). The script to mount a partition looks like this (comments deleted, and some things shown "generically" for privacy / security): #!/bin/bash /sbin/cryptsetup luksOpen /dev/sd<ann> <luks_device_name> && /bin/mount /dev/mapper/<luks_device_name> <mount_point> The ownership and permissions that I tried to use (I tried some variations, and I have different permissions at the moment) were: -rwsr-xr-x 1 root <groupid_that_includes_my_userid> 1412 Aug 31 2014 <bash_script_filename> (I should remove the read and execute permission from all, but that is what I had at that time.) Why can't I run that successfully as myself (<my_userid>), and what could I do to make it run? When I invoke the script with those permissions, including suid, I get a response like: $ <bash_script_filename> WARNING!!! Possibly insecure memory. Are you root? Cannot open device /dev/sd<ann> for read-only access. $ To clarify: when I run these scripts with the aid of the c helper program, the scripts work as intended and I get no error messages. Thanks for any input!
