LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-06-2008, 11:19 AM   #1
webaccounts
Member
 
Registered: May 2008
Location: Columbus Ohio
Distribution: CentOS 5.9/6.4 x64
Posts: 44

Rep: Reputation: 19
Want to run script without being root, possible?


I tried searching for this but couldn't find it. So my deepest apologizes if its out there.

A basic rundown is I have a script that does the following:
Creates a new web folder from a copy of a template web folder.
Creates a new mysql database from a copy of the template database.
Grants mysql id to that database.
Changes owner of new web folder & sub's to apache.
Changes group of new web folder & sub's to webdev.
Gives group of new web folder & sub's to write access.
Edit's config.php and places new information in it.
Sets config.php to owner apache and chmod to 400 on it.

The script works great, however I have to run it using root.

I'd like to not have to run it with root because I plan on having a specific user run the script.

So my question is, is it possible for a non-root user to run the chmod, chown, and chgrp commands. If so, how?

Thanks,
Rusty
 
Old 06-06-2008, 11:29 AM   #2
bigrigdriver
LQ Addict
 
Registered: Jul 2002
Location: East Centra Illinois, USA
Distribution: Debian Jessie 8.4
Posts: 5,873

Rep: Reputation: 348Reputation: 348Reputation: 348Reputation: 348
Edit the /etc/sudoers file to give appropriate permissions to the user you name. The user then starts the script with the *sudo* keyword, as in "sudo ./scriptname".
 
Old 06-06-2008, 12:02 PM   #3
webaccounts
Member
 
Registered: May 2008
Location: Columbus Ohio
Distribution: CentOS 5.9/6.4 x64
Posts: 44

Original Poster
Rep: Reputation: 19
Great thanks.

One more question.

I made the change:

Code:
webdev  ALL=(ALL)  DELEGATING
Its not working, do I need to activate it somehow, reboot? I prefer not to reboot it since its a web server.

NOTE: Nevermind. I forgot to use sudo ./script like you said. Sorry about the confusion.

Last edited by webaccounts; 06-06-2008 at 02:13 PM. Reason: Nevermind. I forgot to use sudo ./script like you said. Sorry about the confusion.
 
Old 06-06-2008, 03:20 PM   #4
tethysgods
Member
 
Registered: May 2004
Posts: 166

Rep: Reputation: 17
I might be wrong, but can't you copy the script to the user space, then chmod u+x scriptname? I only that user is to run the script you can xhmod go-x scriptname.
 
Old 06-09-2008, 08:44 AM   #5
webaccounts
Member
 
Registered: May 2008
Location: Columbus Ohio
Distribution: CentOS 5.9/6.4 x64
Posts: 44

Original Poster
Rep: Reputation: 19
Quote:
Originally Posted by tethysgods View Post
I might be wrong, but can't you copy the script to the user space, then chmod u+x scriptname? I only that user is to run the script you can xhmod go-x scriptname.
No, users by default can't change permissions on a file even if they created it and own it.

Just running the script isn't a problem though, it was the chmod instead the script that was.
 
Old 06-10-2008, 08:33 AM   #6
tethysgods
Member
 
Registered: May 2004
Posts: 166

Rep: Reputation: 17
Hi, Of course you have to root to do the chmod, but after that the user should be able to run the script?
 
Old 06-10-2008, 09:43 AM   #7
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 7,151

Rep: Reputation: 2203Reputation: 2203Reputation: 2203Reputation: 2203Reputation: 2203Reputation: 2203Reputation: 2203Reputation: 2203Reputation: 2203Reputation: 2203Reputation: 2203
Quote:
Originally Posted by webaccounts View Post
No, users by default can't change permissions on a file even if they created it and own it.
This statement, with all due respect, is incorrect. If you own the file, you can alter its permissions. You can also change the group-name to any group that you are a member of. (Use the groups command to get a list of those groups.)

It is highly desirable to arrange for scripts to run with permissions that are sufficient to perform the task but no greater than those required to perform the task: the so-called "principle of least privilege."

It is somewhat-customary for a wheel group to be created, and the "big wheels" of the installation (the "Power Users") are given membership to it.
 
Old 06-11-2008, 08:46 AM   #8
webaccounts
Member
 
Registered: May 2008
Location: Columbus Ohio
Distribution: CentOS 5.9/6.4 x64
Posts: 44

Original Poster
Rep: Reputation: 19
Quote:
Originally Posted by sundialsvcs View Post
This statement, with all due respect, is incorrect. If you own the file, you can alter its permissions. You can also change the group-name to any group that you are a member of. (Use the groups command to get a list of those groups.)

It is highly desirable to arrange for scripts to run with permissions that are sufficient to perform the task but no greater than those required to perform the task: the so-called "principle of least privilege."

It is somewhat-customary for a wheel group to be created, and the "big wheels" of the installation (the "Power Users") are given membership to it.
Ok, I see then. Before when I tried, the user couldn't change permissions as far as the group unless they were in the group. But he still can't change the owner. The sudoers fixed this though.

Reason for allowing chmod for the user is so they can duplicate websites without root access. It changes the groups and owners to those websites. But I prevented them from changing permissions outside the /var/www/webroot/ directory.

Thanks for the posts.
 
Old 06-11-2008, 09:52 PM   #9
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,240

Rep: Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324
chmod changes permissions ie rwx
chown changes owner (and you need to be root to do that). Ditto to change the 'owning' group of a file.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How can I have a script owned as root and run as root by a user: setuid? stickey bit? abefroman Linux - Newbie 9 04-19-2008 06:15 PM
How to run script of another user from root? sikandar Linux - Software 4 09-05-2007 04:42 AM
Is a script, run at boot time from init.d, run with root authority? tmbrwolf53 Linux - Server 2 03-31-2007 09:15 PM
run script as root in KDE m_a_b Linux - Software 3 10-15-2004 08:00 PM
Need to run shell script as root kaloyer Programming 4 06-27-2004 10:01 AM


All times are GMT -5. The time now is 10:47 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration