On Wed, Jun 20, 2012 at 10:54:50AM +0100, Chris Green wrote:
On Tue, Jun 19, 2012 at 11:42:18PM +0100, steve-ALUG@hst.me.uk wrote:
On 19/06/12 22:46, Chris Green wrote:
Is there any way to run a script such that it executes as another user than the person running it?
If you're using the debian/ubuntu/mint flavour of linux, then you can use sudo
use visudo to edit the sudoers file (*)(+) then put in an entry like
desired_user_name ALL = NOPASSWD: /path/to/your/script
NOPASSWD is optional - if it's there, you won't be prompted to enter the password for that user when that script runs. I don't recall what the ALL means.
try man sudoers or man visudo for help, or google it.
I think the ALL means all machines, alternatively one can put a machine/host name there.
I don't think the above is quite right either, it needs to be:-
user ALL = (user_wanted) NOPASSWD: /path/to/your/script... but /etc/sudoers is somewhat arcane!
I don't seem to be able to get the NOPASSWD parameter to work, it keeps asking me for the password. In fact it's not working at all, I have:-
steve ALLĀ = (chris) NOPASSWD: /home/chris/bin/nnnnbut if I do 'sudo -u chris /home/chris/bin/nnnn' when logged in as steve I get asked for steve's password and then get the error:-
steve is not allowed to run sudo on chris. This incident will be reported.So I haven't got it right still!
Can anyone set me right? I just want steve (well, actually another user) to be able to execute a specific command as chris without having to enter a password.
Got it! You can't have any spaces around the = sign! It has to be:-
steve ALL=(chris) NOPASSWD: /home/chris/bin/nnnn
Gggggrrrrrr!!!!! Why doesn't *any* of the documentation point out this rather fundamental requirement? Yes, I know it's like assignments in shell scripts but I think that's about the only other place where spaces aren't allowed around = signs.