Run vlc as root

From LinuxIntro
Jump to: navigation, search

The best video player in the world is VLC. But when I try to run as root user it I get the following error message:

VLC is not supposed to be run as root. Sorry.
If you need to use real-time priorities and/or privileged TCP ports
you can use vlc-wrapper (make sure it is Set-UID root and
cannot be run by non-trusted users first).

That's nonsense to my opinion so I want to remove it. Re-compiling takes time and knowledge about video codex so I want a shorter way. Just editing the executable file /usr/bin/vlc will work:

cp /usr/bin/vlc /usr/bin/vlc-backup
needle=$(objdump -d /usr/bin/vlc | grep euid | tail -1 | awk '{print "\\x"$2"\\x"$3"\\x"$4"\\x"$5"\\x"$6;}')
sed -ir "s/$needle/\xb8\x01\x00\x00\x00/" /usr/bin/vlc

and it works, vlc runs as root now.

How I found this out

When starting vlc as root you will probably get the following error message:

VLC is not supposed to be run as root. Sorry.
If you need to use real-time priorities and/or privileged TCP ports
you can use vlc-wrapper (make sure it is Set-UID root and
cannot be run by non-trusted users first).

Here is how I change this behavior:

gdb /usr/bin/vlc
(gdb) info functions
All defined functions:

Non-debugging symbols:
[...]
0x0000000000400f40  geteuid
[...]

Let's break in the function to get the effective user identity:

(gdb) break geteuid
Breakpoint 1 at 0x400f40

Let's start the program to run till the first breakpoint:

(gdb) run
Starting program: /usr/bin/vlc 

Breakpoint 1, 0x00007ffff71cfc70 in geteuid () from /lib64/libc.so.6

ok, let's trace the program one command at a time:

(gdb) stepi
0x00007ffff71cfc75 in geteuid () from /lib64/libc.so.6
(gdb) stepi
0x00007ffff71cfc77 in geteuid () from /lib64/libc.so.6
(gdb) 
0x0000000000401103 in ?? ()
(gdb) 
0x0000000000401105 in ?? ()
(gdb) 

Ok, let's look at this program part with a disassembler:

objdump -d -M intel /usr/bin/vlc
[...]
 4010f9:       e8 32 0a 00 00          call   401b30 <unsetenv>
 4010fe:       e8 3d fe ff ff          call   400f40 <geteuid@plt>
 401103:       85 c0                   test   eax,eax
 401105:       0f 84 04 06 00 00       je     40170f <fflush@plt+0x66f>
 40110b:       be ca 1f 40 00          mov    esi,0x401fca
 401110:       bf 06 00 00 00          mov    edi,0x6
[...]

If you do not have exactly the same vlc version as I have, yours will probably look different. In this case just follow the instructions below and assume your values instead of this example.

It seems as if (address) 4010fe calls geteuid, 401103 prepares a conditional jump and 401105 jumps if equal somewhere. So we call a hexeditor:

okteta /usr/bin/vlc

and replace

0f 84 04 06 00 00

by some instructions to wait:

90 90 90 90 90 90

When calling vlc now as root, it does not abort :)

See also