HPE Community
Operating System - HP-UX
1847471 Members
3042 Online
110265 Solutions
New Discussion

Re: different account within the scripts

 
Jay C. Quibuloy
Occasional Advisor

‎11-23-2003 05:18 PM

‎11-23-2003 05:18 PM

different account within the scripts

Hi!

Is there a way to used the other account within the scipts that will call another program and also without prompting a password.

0 Kudos
Reply
2 REPLIES 2
Christian Gebhardt
Honored Contributor

‎11-23-2003 07:04 PM

‎11-23-2003 07:04 PM

Re: different account within the scripts

Hi

if you start the script as user root you can run a script without prompting a password:

<script>
su - -c
<script>

the "su -" means that you source /etc/profile and .profile, so you have the environment from the user. In this files you must not have any programs that produce an output.

Another way:

<script>
su - user <

EOFUSER
<script>


If you are not root it's not so easy.

user1 want to run a program from user2:
you need a file
/.rhosts
with entry
user1

user1 can now "login" to user2 without password:
<script>
rexec hostname -l user2
<script>
Think of security !!!

The same trick you can do with ssh and empty passphrase.

Chris
0 Kudos
Reply
doug hosking
Esteemed Contributor

‎11-24-2003 09:27 PM

‎11-24-2003 09:27 PM

Re: different account within the scripts

Alternatively, you could install the 'other program' as a setuid or setgid binary using the chmod command. But as Chris suggests, there are many security issues to consider here. It's easy to give you a solution that would be functional. We would have to know a lot more about your specific environment and needs to give you something that might be acceptable from a security point of view.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.