My problem: When I fork a new process and set the UID of that process
and want to create a log file that I redirect output into, I'm having
difficulties getting the log file to be owned by the correct person.

Below is a code snippet that demonstrates my problem.

require 'ftools'

fail "run this as root please" if Process.uid != 0
fail "usage: ruby #{ __FILE__ } <uid> <directory" if ARGV.size != 2

uid = ARGV.shift.to_i
dir = ARGV.shift

puts "uid is #{ Process.uid }"

puts "changing uid to #{ uid }"
Process.uid = uid

puts "uid is now #{ Process.uid }"

File.makedirs dir

puts "Hopefully <#{ dir }> was created by uid <#{ uid }>"

raise "why the heck don't I own this?" if !File.owned? dir

When I run this on my linux box, I get:
crabbe@~$ id
uid=7258(mz652c) gid=20(games) groups=20(games)

crabbe@~$ sudo ruby a.rb 7258 asdf
uid is 0
changing uid to 7258
uid is now 7258
Hopefully <asdf> was created by uid <7258>
a.rb:20: why the heck don't I own this? (RuntimeError)

crabbe@~$ ls -ld asdf
drwxr-xr-x 2 4294967294 4294967294 9 Nov 22 16:23 asdf

afaik this isn't possible from within a ruby, or any script. setuid programs
are gaurded pretty heavily by the kernel. i worked on this for some time at
one point and this was the only way it was possible at the time:

   http://codeforpeople.com/lib/ruby/setuidruby/

let me know if you figure out another method. the bottom line is that setuid
program must be binary.

enjoy.

-a

Joe Van Dyk wrote:

My problem: When I fork a new process and set the UID of that process
and want to create a log file that I redirect output into, I'm having
difficulties getting the log file to be owned by the correct person.

Process.uid = uid

You want to change effective id, not real id:

   Process.euid = uid

Very nice, thank you.

<goes off and googles the difference between effective and real uids>