sudo and regular user execution

About writing shell scripts and making the most of your shell
Forum rules
Topics in this forum are automatically closed 6 months after creation.
Locked
BlackVeils

sudo and regular user execution

Post by BlackVeils »

i created system setup scripts, to configure things and install software, everything is exactly how i want it.

from what i had read, you can execute a script with sudo, and it wont time-out. then to run commands with regular user privileges, you can use sudo -u username. but i just did a test of that for opening a secondary script as user, and it asked for sudo password in the secondary script window, when there was no reason for it to.

am i missing something? is this even achievable? i'm sure i tested this concept, as i test everything, but its the launching of a secondary that isnt working as expected. here is the command:

Code: Select all

sudo -u vicky nohup x-terminal-emulator -e '/home/vicky/Downloads/OS Setup/OS-Setup-flash-extract.sh' 2>&1 | tee command-output.txt &
sleep 5
now i'm wondering if all the other user commands are actually being executed with sudo privileges.
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Top
niowluka

Re: sudo and regular user execution

Post by niowluka »

BlackVeils wrote:you can execute a script with sudo, and it wont time-out
That's not strictly true. It will time out after 10 minutes, by default.

Also, it only applies to current session. If you run second command in another session, you must authenticate again.
Top
BlackVeils

Re: sudo and regular user execution

Post by BlackVeils »

That's not strictly true. It will time out after 10 minutes, by default.
i've tested the sudo script time-out thing, as long as it was directly loaded with sudo, it works.

anyway, i must have had tired blindspot lastnight, there was a sudo in my secondary test script! but this gets wierder..

i did some tests just now, and the secondary script loads just fine, and executes commands as user, not root. but the commands in the initial sudo script are running as root, when i ran them with sudo -u vicky, the same way i run the secondary script!

i'm confused

>> Edited:

more testing shows that various commands work as intended in the sudo script, either as root or vicky, except for echo if you want to create/edit a file. you need to use touch to create the file if it does not already exist, then edit with echo, otherwise it gets changed to root permissions even when using sudo -u vicky.

i suppose this is solved, but i will be wary of which commands will not obey sudo -u username.
Top
niowluka

Re: sudo and regular user execution

Post by niowluka »

BlackVeils wrote: more testing shows that various commands work as intended in the sudo script, either as root or vicky, except for echo if you want to create/edit a file. you need to use touch to create the file if it does not already exist, then edit with echo, otherwise it gets changed to root permissions even when using sudo -u vicky.

i suppose this is solved, but i will be wary of which commands will not obey sudo -u username.
All commands 'obey' sudo. I guess you are refering to echo redirect

Code: Select all

sudo echo text > file
echo is executed with sudo privileges, but the part after redirect is not affected. You need to wrap the whole command in another one, e.g.

Code: Select all

sudo sh -c "echo text > file"
'sh' is executed with sudo and parses the entire command with acquired privileges.
Top
hupnuk
Level 1
Level 1
Posts: 18
Joined: Sat Mar 29, 2014 9:36 pm

Re: sudo and regular user execution

Post by hupnuk »

niowluka wrote:
BlackVeils wrote: i suppose this is solved, but i will be wary of which commands will not obey sudo -u username.
All commands 'obey' sudo. I guess you are refering to echo redirect

Code: Select all

sudo echo text > file
echo is executed with sudo privileges, but the part after redirect is not affected. You need to wrap the whole command in another one, e.g.

Code: Select all

sudo sh -c "echo text > file"
'sh' is executed with sudo and parses the entire command with acquired privileges.
The problem though with using 'sh -c' though is more complex commands may not work or need to be escaped/fixed.
Instead i would pipe the output of echo to 'tee'.

Code: Select all

echo 'testcommand' | sudo tee 'file' 1> /dev/null
If you want to run commands in both sudo and regular user without having to fear the timeout period, i have written a script specially for this task.

Code: Select all

#!/bin/sh
if [ "$(id -u)" -ne 0 ]; then
   if [ "$1" != '--nosudo' ]; then
      printf '%s\n' 'Please run this script with sudo'
      sudo "$0"
      exit 0
   else
      #### Everything here will run in only normal user
      echo "$USER"
      echo 'b'
   fi
elif [ -z "$SUDO_USER" ]; then
   printf '%s\n' 'This script should be run from a sudo user, not pure root.'
   exit 1
else
   #### Everything here will run in only sudo user
   echo "$USER"
   echo 'a'
   #### This command will run this script in normal user using parameter --nosudo, it also uses the '$HOME' of normal user
   sudo -Hu "$SUDO_USER" sh -c "$0 --nosudo"
fi
   #### Everything here will run in both sudo and normal user
   echo "$USER"
   echo 'c'
exit 0
If you execute this script with parameter '--nosudo', it will not run with sudo.
It will check if your running as pure root or sudo user though.

Hope it helps.
Top
Locked

Return to “Scripts & Bash”