1748181 Members
3363 Online
108759 Solutions
New Discussion юеВ

Re: execute as root?

 
Joseph Hoh
Frequent Advisor

execute as root?

How can I set a shell script to execute as root by another user. I don't want the user to be able to modify the script.
5 REPLIES 5
Rita C Workman
Honored Contributor

Re: execute as root?

Well, I generally have anything that needs root to run it....run by root. That way I don't have to worry about the other user at all. If a job needs to be run by Oracle than as root I include the scripts into my cron jobs and set up a small file to do the su to Oracle and run the oracle job. I do the same for other users.

What I'm saying is....as root I will run your jobs...but a user never runs root jobs. That way I know the jobs stay 'untouched'.

Just a thought,
Dan Hetzel
Honored Contributor

Re: execute as root?

Hi Jeff,

I agree with Rita, but I know it's sometimes unpractical.

An alternate solution would be to use 'SUDO' that you can freely download at the following address:
http://www.courtesan.com/sudo/sudo.html

This utility allows you do define 'who' may run 'what' and under which usedid. It's quite powerful.

Best regards,

Dan
Everybody knows at least one thing worth sharing -- mailto:dan.hetzel@wildcroft.com
Rainer_1
Honored Contributor

Re: execute as root?

setting to effective (not real) user id can be done with sticky bit.

The first line of the script must contain ie:
#!/sbin/sh

Change owner of the script

chown root <script>

Set sticky bit

chmod 5755 <script>

James R. Ferguson
Acclaimed Contributor

Re: execute as root?

Jeff:

You can do this by setting the set-uid bit. The script in question should be owned by root. Do 'chmod 45xx' on the script and when you run it from a non-root account, the effective uid will be that of root.

This is a VERY DANGEROUS practice. A better alternative is to use the 'sudo' utility or restricted SAM for functions you need to confer to trusted users.

...JRF...
Alexander M. Ermes
Honored Contributor

Re: execute as root?

Hi there.
Another hint. You should run this scripts under ksh, otherwise you could have weird results. I stepped into that trap last week
during an isnatll of 8.1.7
Rgds
Alexander M. Ermes
.. and all these memories are going to vanish like tears in the rain! final words from Rutger Hauer in "Blade Runner"