Shell Scripting - different users.

Code junkies hangout here

Moderators: ChrisThornett, LXF moderators

Shell Scripting - different users.

Postby GMorgan » Sun Jan 28, 2007 1:03 pm

I'm wondering if a single shell script can run processes as different users.

I want to run the following as root
/sbin/ipw3945d
sleep 2
/usr/sbin/NetworkManager

then run
nm-applet

as a normal user.

I'm using FC6.
GMorgan
LXF regular
 
Posts: 684
Joined: Thu Jan 12, 2006 6:58 pm
Location: South Wales, UK

RE: Shell Scripting - different users.

Postby MartyBartfast » Sun Jan 28, 2007 3:28 pm

Yep, assuming you're running the script as the normal user you can run commands as root with

sudo /sbin/ipw3945d
and
sudo /usr/sbin/NetworkManager

You'll need to have appropriate entries in /etc/sudoers, something like

fred ALL= NOPASSWD: /sbin/ipw3945d , /usr/sbin/NetworkManager



If your script is running as root and you want to issue a command as a normal user you need to do

su - fred -c /usr/bin/nm-applet
I have been touched by his noodly appendage.
User avatar
MartyBartfast
LXF regular
 
Posts: 815
Joined: Mon Aug 22, 2005 7:25 am
Location: Hants, UK

RE: Shell Scripting - different users.

Postby GMorgan » Sun Jan 28, 2007 4:34 pm

Will that second option keep the script running as root or will all subsequent commands be run as fred. Personally I'd prefer to avoid NOPASSWDing it.
GMorgan
LXF regular
 
Posts: 684
Joined: Thu Jan 12, 2006 6:58 pm
Location: South Wales, UK

RE: Shell Scripting - different users.

Postby nordle » Sun Jan 28, 2007 5:21 pm

If the script is run by root user there is no need to know the passwords of the other users.

Each command issued within
su username -c "echo hello world"
will be run as username. Once that command is finished the script carries on as the user who called it, root.
I think, therefore I compile
User avatar
nordle
LXF regular
 
Posts: 1500
Joined: Fri Apr 08, 2005 9:56 pm

Re: RE: Shell Scripting - different users.

Postby MartyBartfast » Sun Jan 28, 2007 5:45 pm

GMorgan wrote:Will that second option keep the script running as root or will all subsequent commands be run as fred. Personally I'd prefer to avoid NOPASSWDing it.


If you omit the NOPASSWD: bit from the entry in /etc/sudoers then when your script does a 'sudo command' you'd need to enter the password of the account running the script (not the root password), however any subsequent sudo commands within X minutes will remember that you've authenticated yourself and won't ask for the password again (I can't remember what X is though!).

If you were to use the NOPASSWD: field as in my example that would allow user fred to only run the two commands listed without providing a password.

Another trick you can do if you want user fred to run something as bert without knowing bert's password is as fred do

sudo su - bert -c "some command"

and then have an appropriate entry in /etc/sudoers
User avatar
MartyBartfast
LXF regular
 
Posts: 815
Joined: Mon Aug 22, 2005 7:25 am
Location: Hants, UK

Re: RE: Shell Scripting - different users.

Postby nelz » Sun Jan 28, 2007 10:12 pm

MartyBartfast wrote:Another trick you can do if you want user fred to run something as bert without knowing bert's password is as fred do

sudo su - bert -c "some command"

and then have an appropriate entry in /etc/sudoers


You mean give fred permission to run su as root in /etc/sudoers? That's a very bad idea. A muchmore sensible option would be

Code: Select all
sudo -u bert some command
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
User avatar
nelz
Site admin
 
Posts: 8499
Joined: Mon Apr 04, 2005 11:52 am
Location: Warrington, UK


Return to Programming

Who is online

Users browsing this forum: No registered users and 1 guest