Granting root permissions to a bash script than can be run by a user?
How might I be able to grant root permissions to a bash script (such that the bash script can for instance execute root commands in /usr/sbin), but give a user permissions to execute this bash script? So thus, the user can execute the bash script, and the bash script can execute a /usr/sbin command as if it was root.
(BTW I'm aware this can be very dangerous) |
If I'm not too senile, scripts with SUID don't behave the same as binaries - basically SUID is not allowed. You can try to have a binary execute a script - I have no idea whether the script will run as intended though, or if privileges will be dropped because you're not really root.
|
Using Sudo is your only solution.
|
suid works for scripts on some unix-likes OSes, but not Linux. This is for security reasons (see The Secure Programming for Linux and Unix HOWTO).
I believe sudo will do it. For example, if your script is: Code:
/usr/local/sbin/myscipt Code:
username ALL = NOPASSWD: /usr/local/sbin/myscript By the way, you should be very careful about this. Scripts are easy to trick into doing the bidding of a malicious user (environment attacks for example). |
Thank you, that's a good solution :)
To execute the commands as root, in my bash script I put 'sudo -u root /path/to/command' for the commands and executed the bash script normally, and it worked. |
All times are GMT -5. The time now is 08:21 AM. |