I have a php script that will collection data and write log into a file, the directory belongs to an user called 'ingestion' and a group called 'ingestion'. I was using the command
sudo -u ingestion php [script] &>> /var/log/FOLDER/adapter.log
The owner and group of FOLDER is ingestion. However, the created adapter.log still belongs to root user and root group, how is this possible?
Your file is created by the bash running as root, not by the process that you run via sudo as ingestion.
That's because the >> foo is part of the command line, not of the process started by sudo.
Here:
#foo.sh
echo foo: `id -u`
Then:
tmp root# sudo -u peter bash foo.sh > foo
tmp root# ls -l foo
-rw------- 1 root staff 9 Mar 2 18:52 foo
tmp root# cat foo
foo: 501
You can see that the file is created as root but the foo.sh script is run as uid 501.
You can fix this by running e.g.:
tmp root# sudo -u peter bash -c "bash foo.sh > foo"
tmp root# ls -l foo
-rw------- 1 peter staff 9 Mar 2 18:54 foo
tmp root# cat foo
foo: 501
In your case, of course, replace "..." with your php command.
Related
I need to write to a.txt. The file is owned by root with a read-write access. But still I cannot write over it with a sudo. Why?
% ls -l
total 8
-rw-r--r-- 1 root staff 6 Mar 24 00:30 a.txt
% sudo echo "hi" >> a.txt
zsh: permission denied: a.txt
The redirection happens before the commands are run, i.e. using the original user.
Work-around:
sudo sh -c 'echo "hi" >> a.txt'
What does this command do in a Linux terminal?
chmod -r /home/daria/photos/
I got this question because there was no error
chmod is a utility that is used to change the permissions of a file or directory. You can use ls -l /path/to/file command to observe the changes of chmod.
❯ echo "XYZ" > /tmp/abc # Create a new file named abc
❯ ls -l /tmp/abc # List the permissions of /tmp/abc
-rw-r--r-- 1 abdulkarim wheel 4B Apr 3 13:17 /tmp/abc
❯ cat /tmp/abc # Display the contents of the file
XYZ
❯ chmod -r /tmp/abc # remove read permissions for User, Group and Others
❯ ls -l /tmp/abc # Notice the read perms are gone
--w------- 1 abdulkarim wheel 4B Apr 3 13:17 /tmp/abc
❯ cat /tmp/abc # We can no longer cat the file!
cat: /tmp/abc: Permission denied
So, the command chmod -r /path/to/file will revoke the read permissions for everyone. Similarly chmod +r will grant read permission to everyone.
The man page for chmod does not explain this, making it difficult for some users but once you know this, you cannot un-know this :)
I'd like to run some script.
It need alias to modify command.
but it seem invalid.
ex:
root#161310ea476b:/tmp# cat test.sh
#!/bin/bash
ls /tmp
root#161310ea476b:/tmp#
root#161310ea476b:/tmp# ./test.sh
test.sh
root#161310ea476b:/tmp# . test.sh
test.sh
now I used alias
root#161310ea476b:/tmp# shopt -s expand_aliases
root#161310ea476b:/tmp# alias ls="ls -al"
it works.
root#161310ea476b:/tmp# . test.sh
total 12
drwxrwxrwt 2 root root 4096 Jun 21 09:41 .
drwxr-xr-x 21 root root 4096 Jun 21 09:39 ..
-rwxr-xr-x 1 root root 22 Jun 21 09:41 test.sh
but this case wasn't works. alias seem invalid.
root#161310ea476b:/tmp# ./test.sh
test.sh
root#161310ea476b:/tmp#
How to fix this problem?
Thanks.
Aliases are not inherited by the subshell used to execute your script.
Please see the answer provided here:
Aliases in subshell
Alternatively, you could create your alias as a function (instead of an alias), export it, and THEN run your script.
Create a function...
function ls() {
/bin/ls -al
}
...export it...
export -f ls
...and run your script
. ./test.sh
Of course, don't forget you've created a function ls. (Note: it should only exist as long as the shell you exported it from --- and any subshells from it --- is/are open).
I have a shell script which uses process substitution
The script is:
#!/bin/bash
while read line
do
echo "$line"
done < <( grep "^abcd$" file.txt )
When I run the script using sh file.sh I get the following output
$sh file.sh
file.sh: line 5: syntax error near unexpected token `<'
file.sh: line 5: `done < <( grep "^abcd$" file.txt )'
When I run the script using bash file.sh, the script works.
Interestingly, sh is a soft-link mapped to /bin/bash.
$ which bash
/bin/bash
$ which sh
/usr/bin/sh
$ ls -l /usr/bin/sh
lrwxrwxrwx 1 root root 9 Jul 23 2012 /usr/bin/sh -> /bin/bash
$ ls -l /bin/bash
-rwxr-xr-x 1 root root 648016 Jul 12 2012 /bin/bash
I tested to make sure symbolic links are being followed in my shell using the following:
$ ./a.out
hello world
$ ln -s a.out a.link
$ ./a.link
hello world
$ ls -l a.out
-rwx--x--x 1 xxxx xxxx 16614 Dec 27 19:53 a.out
$ ls -l a.link
lrwxrwxrwx 1 xxxx xxxx 5 May 14 14:12 a.link -> a.out
I am unable to understand why sh file.sh does not execute as /bin/bash file.sh since sh is a symbolic link to /bin/bash.
Any insights will be much appreciated. Thanks.
When invoked as sh, bash enters posix
mode after the startup files are read. Process substitution is not recognized in posix mode. According to posix, <(foo) should direct input from the file named (foo). (Well, that is, according to my reading of the standard. The grammar is ambiguous in many places.)
EDIT: From the bash manual:
The following list is what’s changed when ‘POSIX mode’ is in effect:
...
Process substitution is not available.
I trying run a script without become the su user and I use this command for this:
echo "password" | sudo -S <command>
If I use this command for "scp", "mv", "whoami" commands, the command works very well but when I use for "chmod", the command asks for password for my user. I don't enter password and the command works. My problem is the system asks password to me. I don't want the system asks for password.
Problem ss is like this:
[myLocalUser#myServer test-dir]$ ls -lt
total 24
--wx-wx-wx 1 root root 1397 May 26 12:12 file1
--wx-wx-wx 1 root root 867 May 26 12:12 script1
--wx-wx-wx 1 root root 8293 May 26 12:12 file2
--wx-wx-wx 1 root root 2521 May 26 12:12 file3
[myLocalUser#myServer test-dir]$ echo "myPassw0rd" | sudo -S chmod 111 /tmp/test-dir/*
[sudo] password for myLocalUser: I DONT WANT ASK FOR PASSWORD
[myLocalUser#myServer test-dir]$ ls -lt
total 24
---x--x--x 1 root root 1397 May 26 12:12 file1
---x--x--x 1 root root 867 May 26 12:12 script1
---x--x--x 1 root root 8293 May 26 12:12 file2
---x--x--x 1 root root 2521 May 26 12:12 file3
You can use the sudoers file, located in /etc/sudoers, to allow specific users execute commands as root without password.
myLocalUser ALL=(ALL) NOPASSWD: /bin/chmod
With this line the user myLocalUser can execute chmod as root without a password is needed.
But this also breaks parts of the system security, so be aware not allow too much and fence the task as much as possible.
sudoers information
sudo -S prints prompt to stderr.
If you don't want to see it, redirect stderr to /dev/null
The following command redirects stderr at the local host:
echo <password> | ssh <server> sudo -S ls 2>/dev/null
It is equivalent to echo <password> | ssh <server> "sudo -S ls" 2>/dev/null
The following command redirects stderr at the remote server:
echo <password> | ssh <server> "sudo -S ls 2>/dev/null"
If you need to keep stderr, but hide [sudo] password for ... then you can use process substitution on the local or remote machine. Since sudo prompt has no newline, I use sed to cut out the sudo prompt. I do this to save the first line of stderr of the created process.
# local filtering
echo <password> | ssh <server> "sudo -S ls" 2> >(sed -e 's/^.sudo[^:]\+: //')
#remote filtering
echo <password> | ssh <server> "sudo -S ls 2> >(sed -e 's/^.sudo[^:]\+: //')"