problem of 'shc'

[ccclay]

I learn from internet that shc creates a stripped binary executable version of the script specified with -f on the command line. The binary version will get a .x extension appended and will usually be a bit larger in size than the original ascii code. Generated C source code is saved in a file with the extension .x.c . In its simplest form "shc -f script" will produce "script.x" and "script.x.c"; the "script.x" is your executable and the "x.c" is the source code.

So I tried and have below result.

I make a script that will touch a file 123, the name of the script is named as test. Codes are :
#!/bin/sh
touch 123

Then I do this in terminal.
shc -f test

terminal responsed :
test.x.c:90:22: error: sys/stat.h: No such file or directory
test.x.c:91:23: error: sys/types.h: No such file or directory
test.x.c:93:19: error: errno.h: No such file or directory
test.x.c:94:19: error: stdio.h: No such file or directory
test.x.c:95:20: error: stdlib.h: No such file or directory
test.x.c:96:20: error: string.h: No such file or directory
test.x.c:97:18: error: time.h: No such file or directory
test.x.c:98:20: error: unistd.h: No such file or directory
test.x.c: In function 'key_with_file':
test.x.c:160: error: array type has incomplete element type
test.x.c:161: error: array type has incomplete element type
test.x.c:167: warning: incompatible implicit declaration of built-in function 'memset'
test.x.c: In function 'chkenv':
test.x.c:212: warning: incompatible implicit declaration of built-in function 'sprintf'
test.x.c:213: warning: assignment makes pointer from integer without a cast
test.x.c:217: warning: incompatible implicit declaration of built-in function 'strlen'
test.x.c:221: warning: incompatible implicit declaration of built-in function 'strdup'
test.x.c:224: warning: incompatible implicit declaration of built-in function 'sscanf'
test.x.c:236:24: error: sys/ptrace.h: No such file or directory
test.x.c:238:22: error: sys/wait.h: No such file or directory
test.x.c:239:19: error: fcntl.h: No such file or directory
test.x.c:240:20: error: signal.h: No such file or directory
test.x.c: In function 'untraceable':
test.x.c:259: warning: incompatible implicit declaration of built-in function 'sprintf'
test.x.c:262: error: 'O_RDWR' undeclared (first use in this function)
test.x.c:262: error: (Each undeclared identifier is reported only once
test.x.c:262: error: for each function it appears in.)
test.x.c:262: error: 'O_EXCL' undeclared (first use in this function)
test.x.c:263: error: 'errno' undeclared (first use in this function)
test.x.c:263: error: 'EBUSY' undeclared (first use in this function)
test.x.c:264: error: 'PTRACE_ATTACH' undeclared (first use in this function)
test.x.c:266: error: 'SIGCONT' undeclared (first use in this function)
test.x.c:269: error: 'SIGKILL' undeclared (first use in this function)
test.x.c:271: warning: incompatible implicit declaration of built-in function '_exit'
test.x.c:279: warning: incompatible implicit declaration of built-in function '_exit'
test.x.c: In function 'xsh':
test.x.c:292: error: 'time_t' undeclared (first use in this function)
test.x.c:292: error: expected expression before ')' token
test.x.c:293: error: expected expression before ')' token
test.x.c:308: warning: incompatible implicit declaration of built-in function 'calloc'
test.x.c:324: warning: incompatible implicit declaration of built-in function 'malloc'
test.x.c:327: warning: incompatible implicit declaration of built-in function 'memset'
test.x.c:328: warning: incompatible implicit declaration of built-in function 'memcpy'
test.x.c:334: warning: incompatible implicit declaration of built-in function 'malloc'
test.x.c:337: warning: incompatible implicit declaration of built-in function 'sprintf'
test.x.c: In function 'main':
test.x.c:371: warning: incompatible implicit declaration of built-in function 'fprintf'
test.x.c:371: error: 'stderr' undeclared (first use in this function)
test.x.c:372: error: 'errno' undeclared (first use in this function)
shc: Success

I find that in my system there is a new file created as test.x.c
However, there is no test.x . Without it I cannot execute the file.

So, what is wrong ?

[ghostdog74]

this is an advice and not a solution to your problem. If you ever need to use shc to convert your shell script to an executable for distribution , then you are "designing" your solution to your problem the "not so right" way. Just $0.02.

[Cabhan]

Without discussing the utility of such a utility (as I'm sure there is some), the problem here appears to be a case of missing header files. Do you have glibc installed?

[ccclay]

Thx ghostdog74 and Cabhan.

My purpose of using shc is to put password or auth key into a script so when others running this script they can access my system and do what I have set in the script but they cannot read or use the password or auth key then get into my system for other actions. Actually I am not sure if this works and so want to make some test.

Hi Cabhan, I am using Ubuntu-Server 7.10 _Gutsy Gibbon_ - Release i386 (20071016). I dont know if it is installed with glibc or not. How I can know that ? and if it is not, then how I can install it ? thank you for your guidance.

[ghostdog74]

the more "sane" way , is to set the required files permission, or a central interface (a web interface maybe? ), where YOU control what can or cannot be done..

[Cabhan]

The package may be called glibc, glibc-dev, or something like that. Alternatively, on Ubuntu, I believe that it is called build-essential.

I assume you know about installing packages through Apt (or Synaptic)? You can search in Synaptic for "build-essential", and it will tell you if it's already installed.

Basically, C uses a number of header files that provide all sorts of functionality (Input/Output, memory allocation, string manipulation, etc.). These are all provided on Linux through the GNU C Library, which you seem to not have.


Having said all of this, ghostdog is correct that there may be a better way to do this. The usual way to give people access to your system is to create a user account for them and to give it appropriate permissions to access what you want them to. The UNIX permissions world is somewhat simplistic, but as a result, it is rather powerful and simple to use.

So for instance, if you want someone to be able to execute some program, rather than making them login as you through some script, you could actually give that person's account permission to execute the program.

[ccclay]

Thx ghostdog74 and Cabhan. I will consider the method as ghostdog74. Would like to say more my consideration in the side of targeted users.

The users are low-income and old people aged over 60, a light notebook is carried with them to collect their body and health data which will be sent to a database server through internet transmission, once the data is indicating something abnormal then will trigger a script to inform community doctor or nurse. These older people are not educated so I want them needless to care the login job and just simply click an icon then the application will run. Besides, these kind of application are automatically run so dont want to handle any typing job. One more reason, it is for security, to avoid other people using the access permission to do other thing such as entering the server so even dont need the user to know the access password.

Yes, thanks to Cabhan, I have installed the build-essential and successfully created some file.x. However, a new problem is found, and it is fatal : the file.x can only run in one ubuntu where the file.x is created, if run in other ubuntu or other linux system it will be error and cannot run. I have installed 2 ubuntu in my PC, below is what I have tested with 2 files in 2 ubuntu installation.

I created 2 files : test_touch.x in old_Ubuntu and abc.x in New_Ubuntu

old_Ubuntu ( a CD version produced by Canonical Ltd )
Here running test_touch.x is ok but abc.x is problem.

~$ ./test_touch.x
~$ ./abc.x
./abc.x: b/�m


New_Ubuntu ( download from ubuntu website )
Here running abc.x is ok but test_touch.x is problem.

~$ ./abc.x
~$ ./test_touch.x
./test_touch.x: �Aq0����t�[�


This happened when running in Suse
Both abc.x and test_touch.x are awesome

~ # ./test_touch.x
./test_touch.x: \uffffx&C\uffff[=\uffff\uffff-Z}\uffff\uffff\uffff\uffff\uffffs\uffff_zabnormal behavior!
~ # ./abc.x
./abc.x: q\uffff\uffff\uffff\uffff\uffff\U00047bb3\uffff\uf fffA\uffff\uffffn9<hexec '&#37;s' "$@"

Any suggestions ? Thanks a lot !!
If this problem is not solved , using shc is meaningless. Do you agree ?

[Cabhan]

I found shc's man page at:
shc(1)

It mentions a '-r' option which allows the binary to be executed on other systems. The reason for this, I believe (and this is pure guesswork), is that shc apparently encrypts your script somehow, and all shc does is generate C code that essentially passes the script to Bash. However, it probably uses some system-dependent information to do the encryption, which '-r' relaxes.

As for the targeted thing: I'm not sure exactly what you're intending to do with this, but another solution (which is more in line with how this stuff is usually done), would be to write a C application that simply connects to the server remotely and passes it some authorization and information.

Why is this useful? Well, it means that you can provide an external interface, which allows you to change the way the server works and still have everything properly. If you're planning to have some user ssh into your system and execute commands, it requires some sort of predetermined system configuration.

If this is basically what you're doing, only through Bash, I don't see why you need to hide the auth key. Theoretically, you could tell the server that anyone accessing with some auth key can only access certain services.

I suspect that your approach will work, it's just that I've never seen it before, so I'm trying to see how I would have approached it.

I'd be interested in how this turns out, though.

[ghostdog74]

judging by what you described, then a web interface might be just what you need. You can provide authentication through the database ( also consider SSL enabled etc etc ). Provide a form for these old people to key in, once they submit, update to databases. At the backend, you can provide more code for checking and sending of alerts to those doctors...etc...$0.02. this structure is more flexible than compiling scripts ...

[ccclay]

Thx Cabhan, seems using -r is exactly solving the problem. I have tried and succeed. Thank you very much !!

Back to the application, I agree with both of you Cabhan and Ghostdog74, you are giving the right solution. Still one more requirement, using a web interface, is it possible that the user (old people) needless to type any word, instead, just simply click an icon then their individual data will be sent and stored in the right place at the database server ? And this is why I want to encrypt the loginName+password or auth key into a script which can be run automatically.