If I enter sudo su - Rorschach and login as Rorscach. I would like a command to be executed automatically.
Such as echo "Hello Rorschach" or cd ~
Where do I put these scripts in order for them to be performed upon login of that user?
I am using an ubuntu 14.04 command line and echo $0 outputs -bash
~/.bash_profile (recommended) or ~/.bashrc (will work, but this file should rather contain functions and aliases, not commands).
As far as message after login is concerned you can write at /etc/motd file which I think is the recommended file.
/etc/motd is not a script but a text file which contents are shown before the first prompt of a login session.
motd: message of the day
Related
Can anyone please tell me what shell has installed in my system?
Because when I am logging into my system using my username it is initially showing bash shell but later it is showing korn shell after doing sudo.
Please see below for details.
-bash-3.2$ pwd
/home/w4x2spxt
-bash-3.2$ echo $SHELL
/bin/bash
-bash-3.2$ su - XXXXXXX
Password:
You have new mail.
The Oracle base remains unchanged with value /apps/oracle
abc0300ab123:/a30/home/XXXXXXX >> echo $SHELL
/bin/ksh
SHELL environment variable gives you your login shell.
check the shell path mentioned(last column) against your username or XXXXXXX(for su) in /etc/passwd like this: grep ^XXXXXXX /etc/passwd.
The shell mentioned in that file will be your default shell when you login or su to that user.
To check all installed shells on your system use this: cat /etc/shells
Your user is using /bin/bash as default shell.
root is using /bin/ksh as its default shell.
The default shell is a user-specific setting, so there is nothing picky in having different ones among users. Just check the last column in /etc/passwd and surprise yourself with a variety of values.
Note by the way that when you do su, you log in as root. If you add the dash and say su - you are loading the root profile, so that you have its environment.
The environment variable SHELL always contains the login shell of the user logged in, defined in /etc/passwd.
If the user changes his/her shell after login by e.g. exec bash (bash), the SHELL will still expand to the login shell.
In your case, the user XXXXXXX has the login shell /bin/ksh, do:
grep '<user_name>' /etc/passwd
to match the results.
To find the current shell:
echo $0
Or
ps -p $$
When you do this:
-bash-3.2$ su - XXXXXXX
you are starting whatever shell is assigned to user XXXXXXX. This is usually a good thing for su -, since that runs their shell as a login process so you get their normal shell startup initialization (profile, *shrc, etc). If you run a different shell from the one their account is set up for, you probably miss out on all their customization.
You can see what shell is associated with an account by looking them up in the password database. This is pretty reliable across different types of systems and authentication schemes:
perl -MUser::pwent -le 'print( (getpwnam "XXXXXXX")->shell || "/bin/sh" )'
You can always run a shell explicitly as the other user if you have one in mind that you want:
su XXXXXXX -c "bash --login"
or
sudo -u XXXXXXX bash --login # if you have sudo privs
To see what shell you're currently running, look at $0:
echo $0
To see what shell you get by default as you, look at $SHELL.
I want to have my AppleScript application run a Python script with sudo, but I don't want the application to prompt the user for a password (our users do not have sudo privileges).
The Python script has been added to the /etc/sudoers file appropriately (ALL ALL=NOPASSWD: /path/to/script.py). In the terminal, I can do (as a regular, non-privileged user):
$ sudo ./script.py
and it runs perfectly well. But in AppleScript when you try to do:
do shell script "sudo ./script.py"
You of course get the "sudo: no tty present and no askpass program specified" error. But if you change it to:
do shell script "./script.py" with administrator privileges
AppleScript insists on presenting a popup window to ask for the password. I have also tried passing a null password to sudo with a pipe:
do shell script "echo '' | sudo -S ./script.py"
but that also does not work. (I think it tries to run sudo individually first and then pass the command through, which won't work because the user doesn't have sudo privileges!)
I need a solution where AppleScript will run the Python script with sudo. I would prefer the script stays unreadable and un-executable by average users for security reasons, and is only executed through the AppleScript. (I know that, hypothetically, the users could call sudo script.py and it would run, but that's assuming they even know about sudoers; I'm trying to keep it as secure as possible while still usable).
I'm still pretty new to AppleScript, so any help would be greatly appreciated! Thanks!
When I added ALL ALL=NOPASSWD: /Users/myusername/a to sudoers and ran echo $'#!/bin/bash\nsay $(ls ~root|head -n1)'>~/a;chmod +x ~/a, do shell script "sudo ~/a" ran the script as root without requiring a password.
I'm guessing the problem is that you specified the path like do shell script "sudo ./script.py". Try to use do shell script "sudo ~/script.py" instead. The default working directory is for do shell script is / and not ~/.
I have a bash script that partially needs to be running with default user rights, but there are some parts that involve using sudo (like copying stuff into system folders) I could just run the script with sudo ./script.sh, but that messes up all file access rights, if it involves creating or modifying files in the script.
So, how can I run script using sudo for some commands? Is it possible to ask for sudo password in the beginning (when the script just starts) but still run some lines of the script as a current user?
You could add this to the top of your script:
while ! echo "$PW" | sudo -S -v > /dev/null 2>&1; do
read -s -p "password: " PW
echo
done
That ensures the sudo credentials are cached for 5 minutes. Then you could run the commands that need sudo, and just those, with sudo in front.
Edit: Incorporating mklement0's suggestion from the comments, you can shorten this to:
sudo -v || exit
The original version, which I adapted from a Python snippet I have, might be useful if you want more control over the prompt or the retry logic/limit, but this shorter one is probably what works well for most cases.
Each line of your script is a command line. So, for the lines you want, you can simply put sudo in front of those lines of your script. For example:
#!/bin/sh
ls *.h
sudo cp *.h /usr/include/
echo "done" >>log
Obviously I'm just making stuff up. But, this shows that you can use sudo selectively as part of your script.
Just like using sudo interactively, you will be prompted for your user password if you haven't done so recently.
I have to take a data dump from my postgres database.
How do I log in to the postgres home ? . I have the following script but it doesn't work :
#!/bin/sh$
export PASSWORD= something
echo $PASSWORD | sudo -S su postgres
pg_dump somedb > dump.txt+`date +%Y-%m-%d`
However when I run this script I do not get logged to postgres#gauss:$ at the same time script doesn't throw an error. Is there something I am doing wrong here ?
The reason your script fails is that the line
echo $PASSWORD | sudo -S su postgres
causes su to fork a subordinate shell. That shell tries to read from the standard input which has already been exhausted by sudo -S in reading the password. When the shell finds no more input (EOF) it exits. The next line of your script then executes as if that quoted line never happened, and therefore runs under your UID.
See j.hloetzek's answer for a much better way to do what you want.
Also the script as pasted has a two syntax errors in it, but you shouldn't use that approach anyway.
You cannot pipe the password to the sudo command, but can allow in /etc/sudoers certain commands to be run without password (check exact syntax!)
username YOURUSERNAME = NOPASSWD: /sbin/su postgres
I have a shell script which needs non-root user account to run certain commands and then change the user to root to run the rest of the script. I am using SUSE11.
I have used expect to automate the password prompt. But when I use
spawn su -
and the command gets executed, the prompt comes back with root and the rest of the script does not execute.
Eg.
< non-root commands>
spawn su -
<root commands>
But after su - the prompt returns back with user as root.
How to execute the remaining of the script.
The sudo -S option does not help as it does not run sudo -S ifconfig command which I need to find the IP address of the machine.
I have already gone through these links but could not find a solution:
Change script directory to user's homedir in a shell script
Changing unix user in a shell script
sudo will work here but you need to change your script a little bit:
$ cat 1.sh
id
sudo -s <<EOF
echo Now i am root
id
echo "yes!"
EOF
$ bash 1.sh
uid=1000(igor) gid=1000(igor) groups=1000(igor),29(audio),44(video),124(fuse)
Now i am root
uid=0(root) gid=0(root) groups=0(root)
yes!
You need to run your command in <<EOF block and give the block to sudo.
If you want, you can use su, of course. But you need to run it using expect/pexpect that will enter password for you.
But even in case you could manage to enter the password automatically (or switch it off) this construction would not work:
user-command
su
root-command
In this case root-command will be executed with user, not with root privileges, because it will be executed after su will be finished (su opens a new shell, not changes uid of the current shell). You can use the same trick here of course:
su -c 'sh -s' <<EOF
# list of root commands
EOF
But now you have the same as with sudo.
There is an easy way to do it without a second script. Just put this at the start of your file:
if [ "$(whoami)" != "root" ]
then
sudo su -s "$0"
exit
fi
Then it will automatically run itself as root. Of course, this assumes that you can sudo su without having to provide a password - but that's out of scope of this answer; see one of the other questions about using sudo in shell scripts for how to do that.
Short version: create a block to enclose all commands to be run as root.
For example, I created a script to run a command from a root subdirectory, the segment goes like this:
sudo su - <<EOF
cd rootSubFolder/subfolder
./commandtoRun
EOF
Also, note that if you are changing to "root" user inside a shell script like below one, few Linux utilities like awk for data extraction or defining even a simple shell variable etc will behave weirdly.
To resolve this simply quote the whole document by using <<'EOF' in place of EOF.
sudo -i <<'EOF'
ls
echo "I am root now"
EOF
The easiest way to do that would be to create a least two scripts.
The first one should call the second one with root privileges. So every command you execute in the second script would be executed as root.
For example:
runasroot.sh
sudo su-c'./scriptname.sh'
scriptname.sh
apt-get install mysql-server-5.5
or whatever you need.