From owner-freebsd-questions@FreeBSD.ORG  Fri Aug 28 08:54:22 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A6FBE106566C
	for <freebsd-questions@freebsd.org>;
	Fri, 28 Aug 2009 08:54:22 +0000 (UTC)
	(envelope-from keramida@ceid.upatras.gr)
Received: from poseidon.ceid.upatras.gr (poseidon.ceid.upatras.gr
	[150.140.141.169])
	by mx1.freebsd.org (Postfix) with ESMTP id 552648FC0A
	for <freebsd-questions@freebsd.org>;
	Fri, 28 Aug 2009 08:54:22 +0000 (UTC)
Received: from mail.ceid.upatras.gr (unknown [10.1.0.143])
	by poseidon.ceid.upatras.gr (Postfix) with ESMTP id 6E367EB5402;
	Fri, 28 Aug 2009 11:54:21 +0300 (EEST)
Received: from localhost (europa.ceid.upatras.gr [127.0.0.1])
	by mail.ceid.upatras.gr (Postfix) with ESMTP id 62942450D0;
	Fri, 28 Aug 2009 11:54:21 +0300 (EEST)
X-Virus-Scanned: amavisd-new at ceid.upatras.gr
Received: from mail.ceid.upatras.gr ([127.0.0.1])
	by localhost (europa.ceid.upatras.gr [127.0.0.1]) (amavisd-new,
	port 10024)
	with ESMTP id Lj7kmmBlNJpl; Fri, 28 Aug 2009 11:54:21 +0300 (EEST)
Received: from kobe.laptop (unknown [77.49.137.81])
	by mail.ceid.upatras.gr (Postfix) with ESMTP id 2837C4503F;
	Fri, 28 Aug 2009 11:54:21 +0300 (EEST)
Received: from kobe.laptop (kobe.laptop [127.0.0.1])
	by kobe.laptop (8.14.3/8.14.3) with ESMTP id n7S8sKcO035970
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Fri, 28 Aug 2009 11:54:20 +0300 (EEST)
	(envelope-from keramida@ceid.upatras.gr)
Received: (from keramida@localhost)
	by kobe.laptop (8.14.3/8.14.3/Submit) id n7S8sJQR035969;
	Fri, 28 Aug 2009 11:54:19 +0300 (EEST)
	(envelope-from keramida@ceid.upatras.gr)
From: Giorgos Keramidas <keramida@ceid.upatras.gr>
To: Jeronimo Calvo <jeronimocalvop@googlemail.com>
References: <beaf3aa50908280124pbd2c760v8d51eb4ae965dedc@mail.gmail.com>
Date: Fri, 28 Aug 2009 11:54:19 +0300
In-Reply-To: <beaf3aa50908280124pbd2c760v8d51eb4ae965dedc@mail.gmail.com>
	(Jeronimo Calvo's message of "Fri, 28 Aug 2009 09:24:35 +0100")
Message-ID: <87y6p4pbd0.fsf@kobe.laptop>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1.50 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: freebsd-questions@freebsd.org
Subject: Re: SUID permission on Bash script
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Aug 2009 08:54:22 -0000

On Fri, 28 Aug 2009 09:24:35 +0100, Jeronimo Calvo <jeronimocalvop@googlemail.com> wrote:
> Hi folks!
>
> Im trying to set up a reaaallly basic scrip to allow one user to shutdown my
> machine without root permisions, seting up SUID as follows:
>
>
> -rwsrwxr-- 1 root wheel 38 Aug 27 23:12 apagar.sh
>
> $ ./apagar.sh
>
> Permission denied
>
>
> content of script:
>
>
> cat apagar.sh
>
> ]#!/usr/local/bin/bash
> shutdown -p now
>
> As far as i know, using SUID, script must runs with root
> permissions... so i shoudnt get "Permission denied", what im doing
> wrong??

No it must not.  There are security reasons why shell scripts are not
setuid-capable.  You can find some of them in the archives of the
mailing list, going back at least until 1997.

The good thing is that you don't need a shell script to do that.  You
can install `sudo' and give permission to the specific user to run:

    sudo shutdown -p now