Cannot Set UID on Shell Scripts

Solution 1:

You cannot use SUID root for shell scripts. Only real programs can be SUID root. Shell scripts start with "#!" and the interpreter would have to run SUID, and that does not work for some reason I didn't know.

Take a look at sudo and install it! Edit /etc/sudoers and add a line like this:

www-data        ALL=NOPASSWD: /usr/local/sbin/iptables_packet_report.sh

Then just run

sudo /usr/local/sbin/iptables_packet_report.sh

from your code.

It should then not ask for the password, but evaluate the process automatically.

I'm quite sure that your error messages would also happen if you manually su into www-data and run it manually.

Solution 2:

As Christian indicated, my problem was that I was trying to SUID on a shell script. As explained here, setting SUID on a shell script is a very bad idea:

Executing a shell script under UNIX involves a two-step process: when the kernel determines that a shell script is about to be run, it first starts up a SUID copy of the shell interpreter, then the shell interpreter begins executing the shell script. Because these two operations are performed in two discrete steps, you can interrupt the kernel after the first step and switch the file that the shell interpreter is about to execute. In this fashion, an attacker could get the computer to execute any shell script of his or her choosing.

Because of this, many modern Linux distros ignore SUID shell scripts, including Gentoo, which I was using. I was able to edit the sudoers file and got it working.
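
An audit check that follows from both answers, added here as an example and not taken from either post: it lists files that carry the set-UID or set-GID bit but are interpreter scripts, which is the combination described above as ignored or unsafe and a candidate for a sudoers rule instead. The function name find_suid_scripts is hypothetical.

```shell
#!/bin/sh
# Added example: report set-UID / set-GID files that are "#!" scripts.
# On distros that ignore the bit for scripts these files do not get the
# privileges their mode suggests; elsewhere they are exposed to the
# file-swap race quoted above. Either way the bit should be removed
# (chmod u-s,g-s FILE) and the privilege granted through sudoers.

find_suid_scripts() {
    # $1: directory to scan. -xdev keeps the walk on one filesystem.
    # -perm -4000 matches set-UID, -perm -2000 matches set-GID.
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -exec sh -c '
        for f do
            # Read only the first two bytes, so large binaries are not
            # read in full; tr drops NUL bytes the shell cannot store.
            magic=$(head -c 2 "$f" 2>/dev/null | tr -d "\000")
            if [ "$magic" = "#!" ]; then
                printf "%s\n" "$f"
            fi
        done
    ' sh {} +
}

# Typical use (run as root so every directory is readable):
#   find_suid_scripts /usr/local
```

Compiled set-UID programs are not reported, because their first two bytes are not "#!".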