Results 1 to 6 of 6

Thread: How do I run su or sudo from a script as normal user

Hybrid View

  1. #1
    Join Date
    Mar 2008
    Location
    Oz
    Posts
    11,727
    Blog Entries
    2

    Default How do I run su or sudo from a script as normal user

    Hi.
    Suppose I want to start a process from a script with a sudo or su command like this:
    su -root /path_to/command
    or this, I don't really care which:
    sudo /path_to/command

    Is there an option to put the root password in there somewhere so the command will run from a script started by a normal user. I understand the security implications.

    Thanks
    Swerdna
    Leap 42.3 & 15.1(Beta) &KDE
    FYIs from the days of yore

  2. #2
    ab@novell.com NNTP User

    Default Re: How do I run su or sudo from a script as normal user

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Modify /etc/sudoers (see man page for exactly how, or one of a million
    posts online) and add the 'NOPASSWD' option for when you run your script
    so that you just are not prompted. Storing passwords in files is just
    better to be avoided.

    Good luck.





    swerdna wrote:
    > Hi.
    > Suppose I want to start a process from a script with a sudo or su
    > command like this:
    > su -root /path_to/command
    > or this, I don't really care which:
    > sudo /path_to/command
    >
    > Is there an option to put the root password in there somewhere so the
    > command will run from a script started by a normal user. I understand
    > the security implications.
    >
    > Thanks
    > Swerdna
    >
    >

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.2 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iD8DBQFJYlZR3s42bA80+9kRAlMVAJ9GKZpAyZ9k6KPVlSZ/Cw4cswgS1wCfQgH5
    Z0ZIjLZq6XvCA+xPGrO2WAQ=
    =Xc3J
    -----END PGP SIGNATURE-----

  3. #3
    Join Date
    Mar 2008
    Location
    Oz
    Posts
    11,727
    Blog Entries
    2

    Default Re: How do I run su or sudo from a script as normal user

    Thanks ab, too easy.
    Leap 42.3 & 15.1(Beta) &KDE
    FYIs from the days of yore

  4. #4
    ab@novell.com NNTP User

    Default Re: How do I run su or sudo from a script as normal user

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Absolutely.... as you know, this is Linux. If you want something hard
    feel free to try another OS. :-)

    Good luck.





    swerdna wrote:
    > Thanks ab, too easy.
    >
    >

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.2 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iD8DBQFJYl213s42bA80+9kRAsMKAJwNOWbhwXDN9X3VdQb/IZmIPgSdKwCfeBuA
    K0jT5ufLsuZIEbHVmoyOL/k=
    =gfST
    -----END PGP SIGNATURE-----

  5. #5
    Join Date
    Dec 2008
    Location
    Hamburg
    Posts
    458

    Default Re: How do I run su or sudo from a script as normal user

    Hi,

    Quote Originally Posted by swerdna View Post
    Hi.
    Suppose I want to start a process from a script with a sudo or su command like this:
    su -root /path_to/command
    or this, I don't really care which:
    sudo /path_to/command

    Is there an option to put the root password in there somewhere so the command will run from a script started by a normal user. I understand the security implications.
    I would solve this with the setuid-bit. Let's say your script is named /root/bin/foo.sh. First you make root the owner of the script:

    Code:
    chown root:users /root/bin/foo.sh
    Then you change the rights like this:

    Code:
    chmod 4750 /root/bin/foo.sh
    Now the script is executable for users which are in the group users but runs with root rights. Be careful with this. I would also add a special group for that issue where only trusted users are in.

    hth

    Greetings

    Erik

  6. #6
    ab@novell.com NNTP User

    Default Re: How do I run su or sudo from a script as normal user

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Except that you can't use setuid on shell scripts in SUSE, or most *nix
    distros for that matter:
    http://www.tuxation.com/setuid-on-shell-scripts.html

    Good luck.





    erikro wrote:
    > Hi,
    >
    > swerdna;1922113 Wrote:
    >> Hi.
    >> Suppose I want to start a process from a script with a sudo or su
    >> command like this:
    >> su -root /path_to/command
    >> or this, I don't really care which:
    >> sudo /path_to/command
    >>
    >> Is there an option to put the root password in there somewhere so the
    >> command will run from a script started by a normal user. I understand
    >> the security implications.
    >>

    >
    > I would solve this with the setuid-bit. Let's say your script is named
    > /root/bin/foo.sh. First you make root the owner of the script:
    >
    >
    > Code:
    > --------------------
    >
    > chown root:users /root/bin/foo.sh
    >
    > --------------------
    >
    >
    > Then you change the rights like this:
    >
    >
    > Code:
    > --------------------
    >
    > chmod 4750 /root/bin/foo.sh
    >
    > --------------------
    >
    >
    > Now the script is executable for users which are in the group users but
    > runs with root rights. Be careful with this. I would also add a special
    > group for that issue where only trusted users are in.
    >
    > hth
    >
    > Greetings
    >
    > Erik
    >
    >

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.2 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iD8DBQFJYma63s42bA80+9kRAl7QAJ9Yg/xC3a48ja7q8ThJq+ULByJk5ACeOFJ4
    qVhwmnEe2JD31ykya7YVmwQ=
    =jP1/
    -----END PGP SIGNATURE-----

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •