How do I perform commands in a bash script as a different user?
ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
The code above works (thanks to this and pixellany), but not to the extent I want it to. The script has one possible argument (a username) that I'd like the shell to switch to, perform the cp, sed, cat and rm then return back to the original shell. $HOME and $USER need to return as the *argument* username's homedir and username, not the user performing it. I've tried double quotes (escaping the other double quotes with \), back ticks and single quotes (which are already escaped as literal).. what can I do to make this work? When the
Code:
sudo su - $1
is performed, the rest of the commands aren't performed as the user. Considering security I can't pass it off as a secondary script that the user performs, it all needs to be within one script that a (near) super user performs.
Code:
su -c "command" $1
won't work in this case either, unfortunately.
Last edited by theonislair; 06-10-2012 at 12:12 AM.
I'd like the shell to switch to, perform the cp, sed, cat and rm then return back to the original shell. $HOME and $USER need to return as the *argument* username's homedir and username, not the user performing it.
Code:
#!/bin/bash
if [ $# -lt 1 ] || [ "$*" = "-h" ] || [ "$*" = "--help" ]; then
exec >&2
echo ""
echo "Usage: $0 -h | --help"
echo " $0 USER"
echo ""
exit 0
fi
User="$1"
shift 1
if [ -z "$User" ]; then
echo "No user specified." >&2
exit 1
fi
if ! id -u "$User" &>/dev/null ; then
echo "$User: No such user." >&2
exit 1
fi
Home="$(getent passwd "$User" | cut -d : -f 6)" || exit $?
if [ -z "$Home" ]; then
echo "$User: This user has no known home directory." >&2
exit 1
fi
if [ ! -d "$Home" ]; then
echo "$User: Cannot locate user home directory ($Home)." >&2
exit 1
fi
# Edit as $User:
sudo -u "$User" -- sed -e '/DB_COLLATE/ a\define(\x27WP_HOME\x27\, \x27http://'"$HOSTNAME/~$User"'\x27);\ndefine(\x27WP_SITEURL\x27\, \x27http://'"$HOSTNAME/~$User"'\x27);' -i "$Home/public_html/wp-config.php" || exit $?
# Back as original user ...
The sed expression is a bit messy; you might wish to test it first. Drop the -i option to have it only output the result instead of modifying the specified file.
If you need to do a more complex edit, I recommend putting that part in a separate scriptlet. You can do
The || exit $? bits I've liberally sprinkled here and there means "but if that fails, abort the script".
Note the getent passwd "$User" | cut -d : -f 6 expression: I believe it is the most portable easy way to find the user home directory. It should work even when using a remote user database. It does work fine on all machines I tested, even on SunOS 5.10. You could always rely on Bash tilde expansion, but applying the expansion from a string is a bit difficult to do reliably; all the ways I could think of just now would involve eval.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.