LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   changing user via su otheruser in a script (https://www.linuxquestions.org/questions/linux-newbie-8/changing-user-via-su-otheruser-in-a-script-894249/)

John Small 07-28-2011 05:37 AM

changing user via su otheruser in a script
 
When our server starts up it needs to start some processes running in certain user accounts. Those user accounts require passwords. How do I write a script that switches the user and runs the command.

I know I can use su otheruser -c some_command. But how do I send the password into su otheruser ?

I've tried
echo somepassword | su otheruser

but that just complains that it'll only accept passwords from a tty device.

This is on a server running Red Hat

Thanks

John Small

repo 07-28-2011 05:49 AM

You don't need the password for
Code:

su -c
Code:

root@cannabis repo]# su repo -c whoami
repo
root@cannabis repo]#

Kind regards

wpeckham 07-28-2011 03:36 PM

Correction
 
If I may: "You don't need the password for" is only true if you are running the su command AS ROOT.

It may be possible to use a combination of 'sudo' and 'su' to accomplish this for a less-privelaged user, but I would never allow that on any of MY systems without very strict controls.

John: is it possible to run this process as root?

SL00b 07-28-2011 04:47 PM

Let root execute the scripts, but the start/stop commands contained within the scripts would be executed under sudo.

So, let's say you've got process.sh, which you want to run under svcacct. Execute process.sh as root, and its start command would be:

Code:

/usr/bin/sudo -u svcacct /path/to/startCommand.sh
And you'll see that the process is running under the authority of svcacct. No password required.

chrism01 07-28-2011 07:04 PM

As per repo, if the originating process is root owned (normal at startup), then 'su - ... is sufficient; no need to start messing with sudo.
In fact its the std way to achieve that effect you want.

John Small 07-29-2011 11:35 AM

Code:

/usr/bin/sudo -u svcacct /path/to/startCommand.sh
The
Code:

-u someaccount
Is the bit I was missing. I didn't know about the -u option. I can work everything else out.

Thanks everyone


All times are GMT -5. The time now is 12:43 AM.