I have script.sh that must be run as user2. However, this script can only be run under user1 in my application.
我有脚本。sh必须作为user2运行。但是,这个脚本只能在我的应用程序的user1下运行。
I would like the following command to run:
我希望运行以下命令:
su user2 -C script.sh
but be able to run without password.
但是可以在没有密码的情况下运行。
I also want this to be very restrictive, as in user1 can only run script.sh under user2 and nothing else.
我还希望它具有非常严格的限制,因为在user1中只能运行脚本。sh在user2下面。
I've tried doing this with sudoers file and just got endlessly confused after hours of trying.
我尝试过用sudoers文件来做这个文件,但是经过几个小时的尝试,我还是被弄得晕头转向。
If somebody can provide an explicit example of how this can be accomplished (instead of something generic like use sudoers), it would be greatly appreciated.
如果有人能提供一个明确的示例来说明如何实现这一点(而不是像使用sudoers这样的通用示例),我们将非常感激。
2 个解决方案
#1
104
Call visudo and add this:
调用visudo并添加以下内容:
user1 ALL=(user2) NOPASSWD: /home/user2/bin/test.sh
The command paths must be absolute! Then call sudo -u user2 /home/user2/bin/test.sh from a user1 shell. Done.
命令路径必须是绝对的!然后调用sudo -u user2 /home/user2/bin/test.来自user1 shell的sh。完成了。
#2
172
try running:
尝试运行:
su -c "Your command right here" -s /bin/sh username
This will run the command as username given that you have permissions to sudo as that user.
这将以用户名的形式运行该命令,前提是您具有作为该用户的sudo权限。
#1
104
Call visudo and add this:
调用visudo并添加以下内容:
user1 ALL=(user2) NOPASSWD: /home/user2/bin/test.sh
The command paths must be absolute! Then call sudo -u user2 /home/user2/bin/test.sh from a user1 shell. Done.
命令路径必须是绝对的!然后调用sudo -u user2 /home/user2/bin/test.来自user1 shell的sh。完成了。
#2
172
try running:
尝试运行:
su -c "Your command right here" -s /bin/sh username
This will run the command as username given that you have permissions to sudo as that user.
这将以用户名的形式运行该命令,前提是您具有作为该用户的sudo权限。