- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Linux
- >
- Re: "su problem" with script
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2001 06:08 PM
12-03-2001 06:08 PM
			
				
					
						
							"su problem" with script
						
					
					
				
			
		
	
			
	
	
	
	
	
the script gets started as user bsp without any issue. (the script is owned by root but some users are authorised to start it up.)
How do I add the above "su "syntax within the script itself so that the users can just type in "app.start" and the binaries gets started always as user "bsp" ?
The extract of the script is as below (Can someone let me know where to place "su bsp -c" option in the script in the fifth line here?)
Thanks
#!/bin/sh
BSE=/app/bse
BSE_TMP=/app/bse/tmp
echo 'Initialize Printer Daemon\n'
if [ -x ${BSE}/bin/pdaemon${REL} ];then
if [ -f ${BSE_TMP}/pd_lock ]; then
echo "Printer Daemon already running"
else
if ${BSE}/bin/pdaemon${REL} ;then
echo 'Printer Daemon Initialized\n'
else
echo 'Cannot Initialize Printer Daemon\n'
fi
fi
else
echo 'Cannot Initialize Printer Daemon\n'
fi
exit 0
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2001 08:04 PM
12-03-2001 08:04 PM
			
				
					
						
							Re: "su problem" with script
						
					
					
				
			
		
	
			
	
	
	
	
	
If you're root, you can use 'su' to change to any account or execute any command as another user without typing the password. Regular users however don't have this capability since it would allow anyone to run any program as any other user.
The solution for you seems to be sudo (try man sudo). Sudo allows users to execute certain commands (you specify) as another user or even as root.
Regards,
Paga
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-04-2001 12:47 AM
12-04-2001 12:47 AM
			
				
					
						
							Re: "su problem" with script
						
					
					
				
			
		
	
			
	
	
	
	
	
chown bsp <script>
chmod +s <script>
This will set user id on execution, ie, when somebody runs the script, the script will not run as the user that launched the script but the user that owns the script.
E.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-04-2001 06:51 AM
12-04-2001 06:51 AM
			
				
					
						
							Re: "su problem" with script
						
					
					
				
			
		
	
			
	
	
	
	
	
It seems you have a few choices though.
As Eugen says, you can change the owner of the script to bsp and then make it setuid. Security-wise it is not recommended to have setuid scripts as then can be comprised more easily than binaries. But in this situation, it may be acceptable.
Otherise, you can create a wrapper script that does the su -c and calls the other script. But if you do this, the user running it will be prompted for a password.
Another option is to use something like sudo or Symark's Powerbroker that lets you run a program as another user.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-05-2001 05:54 AM
12-05-2001 05:54 AM
			
				
					
						
							Re: "su problem" with script
						
					
					
				
			
		
	
			
	
	
	
	
	
Just my two cents.
Invoking an user can be done in two ways :
su bsp -c ...
this invokes the user and tries to execute the command
su - bsp -c
Invoking the user, taking the environment of the user ( variables etc from .login and .profile ) and then executing the command.
Mostly we use the su in the second way.
Rgds
Alexander M. Ermes
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-05-2001 09:31 AM
12-05-2001 09:31 AM
			
				
					
						
							Re: "su problem" with script
						
					
					
				
			
		
	
			
	
	
	
	
	
The script under question needs to started by a normal user and as the server is also running several other applications, part of service guard etc, we would not like to give "sudo" access for application users. All I need to know is if there is a way to incoporate the 'su' syntax which I mentioned earlier in the script itself. The application user will type in the password if prompted by the script. (I need to incorporate the syntax in several other similar scripts which is owned by root)
I tried several combinations but each time I got an error in the fifth line.
Thanks all once again.
