I always want to run a script as user1, but the code flow always runs it as root. So, I want to check the current user inside the script. If it is root, I want to run the rest of the script as user1.
I want to do something similar to this. But only difference is I need to run the script as a particular user (say user1). So, when I find that the current user is not user1, I do not want to exit but want to run rest of the shell script as user1.
How can I achieve this?
Thanks #User123. But I was facing some issues with that solution as there are many functions and variables in the script. Not sure what the problem exactly is. But, this worked for me now:
if [ $USER == <undesired user> ]; then
echo Current user is $USER. Running the script as <desired user>
su -c 'sh <script.sh>' <desired user>
else
echo Current user is $USER
...
<rest of the script>
...
fi
Related
The below script executing with root user.After switch user Unix function showing error.
test.sh
#!/bin/bash
fn_test()
{
echo "This is function"
}
whoami
fn_test
su - oracle<<EOF
whoami
fn_test #This function not called
EOF
exit 0
O/P
root $ ./test.sh
root
This is function
oracle
-ksh[2]: fn_test: not found [No such file or directory]
You have a confusion on what su actually does: you hope it to just swith user when it does start a new process. You can control it with ps in an interactive session: you see the original shell, the su command, the new shell launched by su and the current ps command.
As a shell function is local to the shell it cannot be used in a (grand) child shell.
The best that you can hope is to pass something through the environment. I know that aliases can be put there unsure for functions. Moreover, this is absolutely shell dependant and might not be portable.
I need to request certain commands via su including password in one line.
I found a solution and it is working in a standard environment (Ubuntu) (more about solution here):
{ sleep 1; echo password; } | script -qc 'su -l user -c id' /dev/null | tail -n +2
But I am faced with the problem that this solution is not suitable in a Docker container environment
Script terminates the command without waiting for echo and as a result i get:
su: Authentication failure
Any help is much appreciated.
Passing the password for su via stdin is problematic for various reasons: the biggest one is probably that your password will end up in the history.
You could instead:
Call the entire script as the specific user and thus enter the password manually
Use sudo with the appropriate NOPASSWD sudoers configuration
In your case you are using docker, so you could just set the USER in your Dockerfile
How can I pipe emails for a specific user to a script AND that script to be ran with a specific user's login.
I have this in my /etc/postfix/master.cf file:
my_transport unix - n n - 50 pipe
flags=R user=deploy argv=/srv/www/myscript
My script prints $PATH and whoami to a file and this is what I get
PATH=/usr/bin:/bin
whoami = deploy
If I run sudo su - deploy and run echo "PATH=$PATH" and echo "whoami = $(whoami)" I get
PATH=/home/deploy/.rbenv/shims:/home/deploy/.rbenv/bin:/home/deploy/.rbenv/shims:/home/deploy/.rbenv/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
whoami = deploy
How do I make postfix run myscript as deploy user but with it's real path, not the short one.
Thank you!
I made a dirty hack with a new script that I use to call my old script
PATH=/home/deploy/.rbenv/bin:/home/deploy/.rbenv/shims:$PATH
source "$1"
exit $?
More info in this diff
Hope this will be useful to somebody else :D
I have a user in linux
and i have a problem, because the user in linux is accessed by many users and in some times somebody for error write crontab -r and delete all crontabs.
Is there a way to lock the command: "crontab -r"? (i am not the user root, only have this permisions in this user)
But i need that all the persons in the user can create crontab ("crontab -e") or list the crontab ("crontab -l")
I have a red hat server.
Thanks
If all you need to prevent is carelessness, a simple wrapper in /usr/local/bin/crontab is all it takes.
#!/bin/sh
case $1 in
-r) echo "$0 -r disabled; aborting" >&2
exit 1;;
esac
exec /usr/bin/crontab "$#"
You'd have to make crontab into a shell script that would catch this and throw an error. How you would tell when the operation is proper or not, though, is up to you. Since many different people log in with the same username, there's no intrinsic way to tell when it's proper to do something and when it's not.
I have a bash script that must be run by the root user, however, I would like that script to force the user to exit root automatically. I know you exit root by typing 'exit' into the command line, but putting that into the bash script will just exit the script. Help is appreciated!
You can try to use the suggestion given by William
$sudo ./your.sh
You can also use sudo -v at the start of your script to ask for the sudo password.
And sudo -k at the end to clear the cache.
Simply stick something like this to the beginning of your script:
if [ "$(whoami)" == root ]; then
echo "ERROR: root cannot run this script"
exit 1
fi
That will enforce that you can run the script only as a regular user and when the script exits you will be the regular user again. Then put a sudo in front of every command that in the script that does need root permission. With caching sudo credentials the user of your script needs to enter his/her pwd only once.