From Notes Wiki
Jump to: navigation, search
Home > Shell scripting > Runuser

runuser

A normal user can run commands with root privileges with help of sudo. Similarly if a root user needs to run commands as a normal user it can use 'runuser' as follows:

runuser -l redmine -c "cd; touch a.txt"

This would cause creation of fine a.txt in user redmines home folder with user owner and group owner as redmine and redmines primary group.

Similarly

runuser -l redmine -c "sleep 100"

causes sleep command to be executed with user redmine's privileges.

To just get a redmine users shell one can use both runuser or su as

runuser -l redmine  #OR
su - redmine

Note that strangely the output of

runuser -l redmine -c "cd ~; echo $USER; echo $PWD"

seems to indicate commands running as root user, which is very weird. This is because various environment variables used are same as that for root user. However following command will not work as expected for a user with limited privileges:

runuser -l redmine -c "cd ~; echo $USER; echo $PWD; ls /root"

This strangeness is present even while using su to run commands as non-root user. That is although

su - redmine -c "sleep 100"

runs sleep as redmine user. The following command

su - redmine -c "cd ~; echo $USER; echo $PWD"

runs echo with root user privileges.


Note that if all this appears complex or if root privileges wont be available then one can also use setuid, setgid approach by making the required user owner/group owner of the executable and by setting setuid and setgid bits. This would cause the program to be executed with user owner's permissions and not with the permissions of user executing the program.


Some steps learned from http://www.cyberciti.biz/open-source/command-line-hacks/linux-run-command-as-different-user/

Home > Shell scripting > Runuser