0

I am currently looking for the simplest way to find all binary files in /usr/bin and /usr/sbin directories that require root privilege to run, which means I should run them using sudo or by being root only, for example, tcpdump.

I have a freshly installed Ubuntu 20.04 LTE so I don't have any other additional binary files.

Every single answer would help and is much appreciated.

thanasisp
  • 7,802
  • 2
  • 26
  • 39
Tomas
  • 131
  • 1
  • 7
  • 2
    Almost everything in `/sbin` – roaima May 03 '22 at 19:52
  • 4
    It's not really the *binaries* (or scripts) that require root privilege - it's the things they operate on. For example, an unprivileged user may run tcpdump to list interfaces, but not to examine packets traversing those interfaces. – steeldriver May 03 '22 at 20:00
  • Appreciate that. But is there any command to perform that and find exactly all binaries? Like using the find utility? – Tomas May 03 '22 at 20:01
  • 1
    As steeldriver already stated, a binary itself does not require root (or indicate this in any way), only what it's trying to do. How would you test every possible operation of a binary to see if it requries root? `echo hello | tee file` for example could require root, depending on permisisons set on `file`. – Panki May 03 '22 at 20:54
  • You also have issues with `suid` binaries that essentially inherit root permissions or with accounts that may have capabilities like `CAP_NET_ADMIN` assigned - root-like permissions but more limited. – doneal24 May 03 '22 at 21:14
  • `mount` can run as a user, but it has extra functionality that requires root rights. Conversely, you don't need special rights to run `su` or `sudo` because those tools run with root permissions already, but they can also confer privileges under certain well-defined circumstances – roaima May 03 '22 at 21:31
  • There is no simple way, a searchable feature they all have, to look for it, probably just the fact that `sbin` has many of them. But you 'd probably have to check them one by one, for which of them require, totally or for some actions, root privileges. Probably you 'd like to read this [related post](https://unix.stackexchange.com/q/443226/216907) – thanasisp May 04 '22 at 01:04
  • Even `tcpdump` can be set up to allow non-`root` users to capture packets. – Stephen Kitt May 04 '22 at 04:11
  • If you tell us your goals, then we will be in a better position to help: it looks like you intended actions may be at odds with your goals. – ctrl-alt-delor May 04 '22 at 09:19

1 Answers1

0

There's no such command and I really doubt there can be one. You basically ask: "I need to disassemble and find out programs under /sbin really work with privileged objects".

Based on usage, some commands in /sbin can be run the by the normal user.

Based on usage, some commands in /bin may require the root privileged, e.g. file -s /dev/sda.

Artem S. Tashkinov
  • 26,392
  • 4
  • 33
  • 64