Difference between revisions of "Runuser"
m |
m |
||
Line 24: | Line 24: | ||
runuser -l redmine -c "cd ~; echo $USER; echo $PWD" | runuser -l redmine -c "cd ~; echo $USER; echo $PWD" | ||
</pre> | </pre> | ||
seems to indicate commands running as root user, which is very weird. | seems to indicate commands running as root user, which is very weird. This is because various environment variables used are same as that for root user. However following command will not work as expected for a user with limited privileges: | ||
<pre> | |||
runuser -l redmine -c "cd ~; echo $USER; echo $PWD; ls /root" | |||
</pre> | |||
This strangeness is present even while using su to run commands as non-root user. That is although | This strangeness is present even while using su to run commands as non-root user. That is although |
Revision as of 02:49, 5 February 2014
<yambe:breadcrumb>Shell_scripting|Shell scripting</yambe:breadcrumb>
runuser
A normal user can run commands with root privileges with help of sudo. Similarly if a root user needs to run commands as a normal user it can use 'runuser' as follows:
runuser -l redmine -c "cd; touch a.txt"
This would cause creation of fine a.txt in user redmines home folder with user owner and group owner as redmine and redmines primary group.
Similarly
runuser -l redmine -c "sleep 100"
causes sleep command to be executed with user redmine's privileges.
To just get a redmine users shell one can use both runuser or su as
runuesr -l redmine #OR su - redmine
Note that strangely the output of
runuser -l redmine -c "cd ~; echo $USER; echo $PWD"
seems to indicate commands running as root user, which is very weird. This is because various environment variables used are same as that for root user. However following command will not work as expected for a user with limited privileges:
runuser -l redmine -c "cd ~; echo $USER; echo $PWD; ls /root"
This strangeness is present even while using su to run commands as non-root user. That is although
su - redmine -c "sleep 100"
runs sleep as redmine user. The following command
su - redmine -c "cd ~; echo $USER; echo $PWD"
runs echo with root user privileges.
Note that if all this appears complex or if root privileges wont be available then one can also use setuid, setgid approach by making the required user owner/group owner of the executable and by setting setuid and setgid bits. This would cause the program to be executed with user owner's permissions and not with the permissions of user executing the program.
Some steps learned from http://www.cyberciti.biz/open-source/command-line-hacks/linux-run-command-as-different-user/
<yambe:breadcrumb>Shell_scripting|Shell scripting</yambe:breadcrumb>