Difference between revisions of "Runuser"

From Notes_Wiki
(Created page with "<yambe:breadcrumb>Shell_scripting|Shell scripting</yambe:breadcrumb> =runuser= A normal user can run commands with root privileges with help of sudo. Similarly if a root use...")
 
m
Line 35: Line 35:
</pre>
</pre>
runs echo with root user privileges.
runs echo with root user privileges.
''Note that if all this appears complex or if root privileges wont be available then one can also use setuid, setgid approach by making the required user owner/group owner of the executable and by setting setuid and setgid bits.  This would cause the program to be executed with user owner's permissions and not with the permissions of user executing the program.''





Revision as of 05:52, 12 March 2013

<yambe:breadcrumb>Shell_scripting|Shell scripting</yambe:breadcrumb>

runuser

A normal user can run commands with root privileges with help of sudo. Similarly if a root user needs to run commands as a normal user it can use 'runuser' as follows:

runuser -l redmine -c "cd; touch a.txt"

This would cause creation of fine a.txt in user redmines home folder with user owner and group owner as redmine and redmines primary group.

Similarly

runuser -l redmine -c "sleep 100"

causes sleep command to be executed with user redmine's privileges.

To just get a redmine users shell one can use both runuser or su as

runuesr -l redmine  #OR
su - redmine

Note that strangely the output of

runuser -l redmine -c "cd ~; echo $USER; echo $PWD"

seems to indicate commands running as root user, which is very weird. Explanation for this strange behavior is not yet known.

This strangeness is present even while using su to run commands as non-root user. That is although

su - redmine -c "sleep 100"

runs sleep as redmine user. The following command

su - redmine -c "cd ~; echo $USER; echo $PWD"

runs echo with root user privileges.


Note that if all this appears complex or if root privileges wont be available then one can also use setuid, setgid approach by making the required user owner/group owner of the executable and by setting setuid and setgid bits. This would cause the program to be executed with user owner's permissions and not with the permissions of user executing the program.


Some steps learned from http://www.cyberciti.biz/open-source/command-line-hacks/linux-run-command-as-different-user/

<yambe:breadcrumb>Shell_scripting|Shell scripting</yambe:breadcrumb>