LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 12-11-2012, 05:10 AM   #1
Michal Krzyz
Member
 
Registered: Nov 2011
Distribution: OpenBSD, Ubuntu, Debian, Slackware, LFS
Posts: 44

Rep: Reputation: Disabled
Is it possible to switch between the root/user inside automatic script?


Hello,
I am writing bash script which is building some tools and is setting environment. This scripts make a lot of root stuff like mount, mkfs, make install etc.
This script is called by sudo command:

Code:
sudo ./build_all.sh
I have some ./confiugre and make steps in this script and I do not want to do them with root rights.
Is it possible to switch root to user and return to root after couple lines of script?

I know that I can use:

Code:
$ su - $MYUSERNAME -c '...'
but there are so many lines in which I have to use this "su - $MYUSERNAME" prefix that this is not a solution for me.

I tried in another way. I called script as an user and then I used sudo to perform install/mount/etc. actions. It looked better, but I had to confirm password after some time of script's execution...so this is not solution (password check does not provide any automation, so it is useless).

Do you have any other idea how to do it?

Thank you in advance.
 
Old 12-11-2012, 09:27 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,397

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
no, you can't change user. you can look to write out a script and then execute it all via duso if that is sufficiant, but you can't become a different user, as that will spawn a new session.
 
Old 12-11-2012, 10:20 AM   #3
Michal Krzyz
Member
 
Registered: Nov 2011
Distribution: OpenBSD, Ubuntu, Debian, Slackware, LFS
Posts: 44

Original Poster
Rep: Reputation: Disabled
Thank you for your answer.

So what is the best solution for making automatic build scripts, for example as following one:

Code:
#!/bin/bash

LFS=/mnt/lfs

cd $LFS/sources/build/
tar -xzvf $LFS/sources/packages/e2fsprogs-1.42.5.tar.gz
cd e2fsprogs-1.42.5
mkdir -v build
cd build
../configure
make
make install                   #REQUIRES SUDO
mke2fs -jv /dev/sda9           #REQUIRES SUDO
cd $LFS/sources/build/
rm -rfv e2fsprogs-1.42.5

... # maybe much more lines with some steps requiring root's hand
I think that it is not good idea to do everything as a root user.
 
Old 12-11-2012, 01:31 PM   #4
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,797
Blog Entries: 4

Rep: Reputation: 285Reputation: 285Reputation: 285
If you have sudo rights available, then you can first switch to root user, and then invoke it, as:
Code:
sudo su - root
Password for username: 
./build_all.sh
Perhaps then it will not ask for any password during execution of script. And if you want to automate this script (i.e. in cron), then add it to crontab with root user, not with your own user i.e username.
 
Old 12-11-2012, 01:59 PM   #5
Michal Krzyz
Member
 
Registered: Nov 2011
Distribution: OpenBSD, Ubuntu, Debian, Slackware, LFS
Posts: 44

Original Poster
Rep: Reputation: Disabled
If I didn't missunderstand you, your solution will execute whole script as a root. Problem is that I wanted to run just couple commands as root and others (like ./configure and make) as non-root user.
 
Old 12-11-2012, 10:26 PM   #6
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,797
Blog Entries: 4

Rep: Reputation: 285Reputation: 285Reputation: 285
Is there any specific reason for doing this? Anyway, first thing is that it's not possible to invoke root privillaged command with normal user without supplying a password. Whenever you will do a sudo or su, you will need to supply a password.
In you script (as per the part of script you mentioned), there's nothing problematic, whether root run it or a normal user run it. Althogh one thing is that the directories/files that it will create, will get root's ownership. So you can explicitly provide chwon cmd at the end of your script to change ownership back to you.
Besides, you should show where it will cause problem in your script with root's hands.
 
Old 12-12-2012, 12:57 AM   #7
Michal Krzyz
Member
 
Registered: Nov 2011
Distribution: OpenBSD, Ubuntu, Debian, Slackware, LFS
Posts: 44

Original Poster
Rep: Reputation: Disabled
Quote:
Anyway, first thing is that it's not possible to invoke root privillaged command with normal user without supplying a password
No way, are you kidding me? You think I am such a noob... I think I have to stop asking questions on LQ.

The thing is that actually you can configure sudo to remove pass request for the user (or remove expiration time keeping user able to sudo without asking him for password again during script execution), but this is stupid idea.

Of course there is a reason. I am building/configuring packages, copying user's data and so on... and this is not good idea to use root everywhere (it is not even safe to use root for some operations).

I found one solution, which seems to be good for builds but not for everything what I wanted (problem is with some device manipulation commands, where root's rights are still required).

I started to use --prefix options during configuration of packages (every package will be installed to user's directory), after all (after execution of build script which is called by su - $USERNAME -c '...') I will use:
Code:
# install -g .. -o .. -m .. ..... <prefix_directory>
 
Old 12-12-2012, 01:00 AM   #8
redfox2807
Member
 
Registered: Jul 2012
Distribution: Kubuntu, Debian, Meego, Android
Posts: 116

Rep: Reputation: 16
You can grab all the commands that require root privileges and move them to another script that is run from your current script via sudo or su. So that all the compiling stuff (and cleaning up) is done by a regular user while the actual setting up the environment is done by root
 
Old 12-12-2012, 10:42 AM   #9
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian
Posts: 2,455

Rep: Reputation: 842Reputation: 842Reputation: 842Reputation: 842Reputation: 842Reputation: 842Reputation: 842
Quote:
Originally Posted by Michal Krzyz View Post
I tried in another way. I called script as an user and then I used sudo to perform install/mount/etc. actions. It looked better, but I had to confirm password after some time of script's execution...so this is not solution (password check does not provide any automation, so it is useless).
Maybe you can use sudo -v to renew the cached credential so it doesn't time out and ask for password again:

Code:
#!/bin/bash

sudo -v # user supplies password first time

# renew credentials every 14 minutes (default timeout is 15 minutes)
(while : ; do sudo -nv && sleep $((14*60)) ; done) &
SUDO_REFRESH_PID=$!

# rest of script using sudo for some commands goes here
...



# cleanup
kill $SUDO_REFRESH_PID
 
1 members found this post helpful.
Old 12-12-2012, 12:38 PM   #10
Michal Krzyz
Member
 
Registered: Nov 2011
Distribution: OpenBSD, Ubuntu, Debian, Slackware, LFS
Posts: 44

Original Poster
Rep: Reputation: Disabled
Thank you ntubski

This is very nice workaround. I really like this solution...but I have to check it because I am not sure it will work (I have never use sudo -v option before).


Maybe it could be better to attach this process to the script and then it will be terminated automatically after script's execution.
Anyway, I found something like:

Code:
trap 'kill $(jobs -p)' EXIT
...
I tested it with simple script and it seems to work fine.
Tomorrow I will start real test, but I think that this solution is acceptable.

Thank you all for your time.
 
Old 12-12-2012, 01:05 PM   #11
PTrenholme
Senior Member
 
Registered: Dec 2004
Location: Olympia, WA, USA
Distribution: Fedora, (K)Ubuntu
Posts: 4,150

Rep: Reputation: 330Reputation: 330Reputation: 330Reputation: 330
I wouldn't recommend this for a multi-user system, but, on my home single-user system, I just edit /etc/sudoers to have a group with the NOPASSWD option, and put myself into that group. Then sudo doesn't prompt me for a password. (Note that, if you wish, you can restrict the "no password required" group to a specific set of commands.)

Note also that the sudoers file is read early in a session, and changes in the file may need a reboot or logout/login sequence before they become active.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Scheduling automatic updates as root without user intervention Josh000 Ubuntu 2 06-03-2010 02:49 PM
Run command as root inside script an_sush Linux - Newbie 19 09-04-2009 08:19 AM
How do I switch to root user binarybob0001 Programming 4 11-26-2007 03:26 AM
How do you switch to root user barrythai Ubuntu 19 04-13-2007 11:55 AM
How switch root to another user? Xiangbuilder Linux - Newbie 1 09-15-2003 07:19 AM


All times are GMT -5. The time now is 02:35 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration