LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 08-22-2006, 09:27 AM   #1
Stuart65
LQ Newbie
 
Registered: Aug 2006
Location: Frankfurt, Germany
Distribution: SUSE & SLES
Posts: 5

Rep: Reputation: 0
Starting a process under a different username?


Hi,

I would like to start a process from a script that runs under a specific username and does not require any user input. The process must continue running after the user that started it has logged out.

I believe I know the basics of doing this but I cannot work out how to make it non-interactive.

Here's an interactive example of what I'd like to do in a script.

su user
cd /var/....
nohup ./COMMAND &
exit

Thanks and regards,
Stuart
 
Old 08-22-2006, 10:54 AM   #2
Agrouf
Senior Member
 
Registered: Sep 2005
Location: France
Distribution: LFS
Posts: 1,591

Rep: Reputation: 79
sudo -u bob command
man sudo
 
Old 08-22-2006, 11:06 AM   #3
timmeke
Senior Member
 
Registered: Nov 2005
Location: Belgium
Distribution: Red Hat, Fedora
Posts: 1,515

Rep: Reputation: 61
Or chown the file and then put the SetUID permission bit on using chown. But the sudo solution is safer and better.
SetUID is definitely not recommended if user == root.
 
Old 08-24-2006, 04:09 AM   #4
Stuart65
LQ Newbie
 
Registered: Aug 2006
Location: Frankfurt, Germany
Distribution: SUSE & SLES
Posts: 5

Original Poster
Rep: Reputation: 0
Thanks for the replies.

Using sudo was an option that I had explored but sudo is not installed by default as part of a SLES minimum installation and we do not want to install it if unnecessary .

I'd like to explorer SetUID option further and would like to know what the dangers (if there are any) of using this option.

Any help would be appreciated, thanks.
 
Old 08-24-2006, 06:29 AM   #5
timmeke
Senior Member
 
Registered: Nov 2005
Location: Belgium
Distribution: Red Hat, Fedora
Posts: 1,515

Rep: Reputation: 61
The SetUID bit makes an executable run as if it was called by an other user, namely the user that owns the file (check with 'ls -l yourfile'). This can be a security risk, especially if the file is owned by root.
Just consider what happens if the file was compromised. Then anyone could enter some commands into it and make it run as if it was run by root - effectively getting root access to your machine.

Files with SetUID root must therefor be avoided were possible and must be put in a directory that's only writable by root. All parent directories, uptil /, must be writable by root only as well.

A file with SetUID to some user that is not root is less harmful. But consider the following:
a hacker breaks into your system, looks for SetUID files, finds your application and runs it. This may break some pieces of valuable information for you and there is no way of finding out who is the culprit (ie who executed the program).

Enabling the SetUID bit is done via 'chmod'. See it's man page for details.
 
Old 08-24-2006, 06:50 AM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531Reputation: 3531
That's a clear explanation by timmeke there for you which should lead to the natural conclusion using Sudo should be the way to go, unless it's a service that should be started on boot, then you would use an initscript. So what app are we talking about?


Using sudo was an option that I had explored but sudo is not installed by default as part of a SLES minimum installation and we do not want to install it if unnecessary.
Then it should be considered as necessary. Sudo helps you manage tasks that transcend regular user rights: it enhances security.
 
Old 08-24-2006, 02:26 PM   #7
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,066
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
A third alternative would be to just use su ...

su - user -c "command; command; command"



Cheers,
Tink
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
a questions about starting process fetsh Linux - Newbie 2 06-03-2005 08:42 PM
Killing process by username mijohnst Linux - Software 4 05-30-2005 09:50 PM
create username starting with a number? rmang Red Hat 0 05-13-2005 05:11 PM
Starting a program with a given process id DropSig Linux - Newbie 1 09-29-2004 09:41 PM
Starting anther process rklosinski Programming 5 12-05-2002 09:09 AM


All times are GMT -5. The time now is 06:21 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration