On Tue, Jun 19, 2012 at 11:42:18PM +0100, steve-ALUG@hst.me.uk wrote:
On 19/06/12 22:46, Chris Green wrote:
Is there any way to run a script such that it executes as another user than the person running it?
If you're using the debian/ubuntu/mint flavour of linux, then you can use sudo
use visudo to edit the sudoers file (*)(+) then put in an entry like
desired_user_name ALL = NOPASSWD: /path/to/your/script
NOPASSWD is optional - if it's there, you won't be prompted to enter the password for that user when that script runs. I don't recall what the ALL means.
try man sudoers or man visudo for help, or google it.
I think the ALL means all machines, alternatively one can put a machine/host name there. I don't think the above is quite right either, it needs to be:- user ALL = (user_wanted) NOPASSWD: /path/to/your/script ... but /etc/sudoers is somewhat arcane! I don't seem to be able to get the NOPASSWD parameter to work, it keeps asking me for the password. In fact it's not working at all, I have:- steve ALLĀ = (chris) NOPASSWD: /home/chris/bin/nnnn but if I do 'sudo -u chris /home/chris/bin/nnnn' when logged in as steve I get asked for steve's password and then get the error:- steve is not allowed to run sudo on chris. This incident will be reported. So I haven't got it right still! Can anyone set me right? I just want steve (well, actually another user) to be able to execute a specific command as chris without having to enter a password. -- Chris Green