Switching users in a bash script? - Questions

This is a discussion on Switching users in a bash script? - Questions ; Hello! A lot of small pieces of a long bash script need to be executed as different users. How can I most easily accomplish this task?...

+ Reply to Thread
Results 1 to 7 of 7

Thread: Switching users in a bash script?

  1. Switching users in a bash script?

    Hello!

    A lot of small pieces of a long bash script need to be executed as different users. How can I most easily accomplish this task?

  2. Re: Switching users in a bash script?

    On 2006-08-26, Angel Tsankov wrote:
    > Hello!
    >
    > A lot of small pieces of a long bash script need to be executed as different
    > users. How can I most easily accomplish this task?


    First read the man pages of sudo(8) and sudoers(5). Check especially
    the "-u" and "NOPASSWD" sections (respectively). Then 'fix' the
    /etc/sudoers file using "visudo". Finally 'fix' your script!

    Apostolos

    --
    Replace earth.space with gmail.com for a valid e-mail

  3. Re: Switching users in a bash script?

    "Angel Tsankov" writes:

    >Hello!


    >A lot of small pieces of a long bash script need to be executed as different users. How can I most easily accomplish this task?


    Have root run the script and use
    su username -c commandname
    man su
    That is the ONLY way.

    Note that you cannot use suid on the script.



  4. Re: Switching users in a bash script?

    In comp.os.linux.misc Unruh :
    > "Angel Tsankov" writes:


    >> A lot of small pieces of a long bash script need to be
    >> executed as different users. How can I most easily accomplish
    >> this task?


    > Have root run the script and use
    > su username -c commandname
    > man su
    > That is the ONLY way.


    Not really, at least three other possibilities come to my mind.

    - Using 'sudo' ; NOPASSWD for the script.

    - Using ssh: 'ssh otheruser@localhost "script"; with keys setup.

    - Writing a short C wrapper that calls the script and is set
    SUID.

    The last should be avoided. The first needs root permissions to
    setup sudo. Using ssh doesn't need root permissions at all,
    presuming access to "otheruser" account is available.

    --
    Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
    mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
    #bofh excuse 412: Radial Telemetry Infiltration

  5. Re: Switching users in a bash script?

    On Sat, 26 Aug 2006, in the Usenet newsgroup comp.os.linux.misc, in article
    <44f011df$0$75034$14726298@news.sunsite.dk>, Angel Tsankov wrote:

    [Note: comp.os.linux.help and comp.os.linux.questions are bogus groups,
    only carried on mis-configured news servers. 'comp.os.linux.help' was
    renamed 'comp.os.linux.misc' in 1994.]

    >A lot of small pieces of a long bash script need to be executed as
    >different users. How can I most easily accomplish this task?


    I assume you have looked at _group_ permissions and decided that running
    the script as a group member isn't going to do the job.

    [compton ~]$ whatis su
    su (1) - run a shell with substitute user and group IDs
    [compton ~]$

    specifically, the 'su -c' option. To "run as" other users, _without_
    supplying a password, this script would have to be run by root. Otherwise
    the individual passwords need to be included on the 'su' invocations,
    which is a large security problem.

    Old guy

  6. Re: Switching users in a bash script?

    > Hello!
    >
    > A lot of small pieces of a long bash script need to be executed as different users. How can I most easily accomplish this task?


    OK, my question was whether I can 'su' in a bash script so that the commands that follow the 'su' in che script will be executed as
    the su'ed user.


  7. Re: Switching users in a bash script?

    "Angel Tsankov" wrote:
    >
    >OK, my question was whether I can 'su' in a bash script so that
    >the commands that follow the 'su' in che script will be executed
    >as the su'ed user.


    My question is why you don't read the man page and then try it.

    --
    Floyd L. Davidson
    Ukpeagvik (Barrow, Alaska) floyd@apaflo.com

+ Reply to Thread