  #1  
Old March 14th, 2005, 06:35 PM
Registered User
 
Join Date: Mar 2005
Posts: 7
Thanks: 0
Thanked 0 Times in 0 Posts
kxtrm is on a distinguished road
Commands in Bash

I'm trying to run a sequence of commands from a bin/bash, but what I need is to log in as a different user, and I use something like this:


#!/bin/sh

su postgres
postgres
postmaster -D /usr/local/pgsql/data -i


But obviously it doesn't work because of the password. Any suggestions to do this? As you can see, I'm trying to start PostgreSQL.
  #2  
Old March 14th, 2005, 09:40 PM
davidbrit2's Avatar
Licensed Computer Geek
 
Join Date: Sep 2000
Location: Michigan, USA
Posts: 787
Thanks: 0
Thanked 0 Times in 0 Posts
davidbrit2 is on a distinguished road
SetUID bit to the rescue! Assuming you have a whole script that you want to execute as the user "postgres", this is actually painfully easy, as it turns out. Now, keep in mind that there's a minor security risk involved, as anybody with execute permission to the script file will be able to launch it with the privileges of the file's owner, in this case "postgres". But you'll be setting it to only allow certain users. That being said, you just need to use chmod and chown:

Code:
sudo chmod 4750 scriptfilename
sudo chown postgres:admin scriptfilename
The chmod command does a few things here. The 4 tells it to turn on the SetUID bit, meaning if anybody executes the file, it's run with the user ID of the file's owner. The 7 allows the owner "postgres" to have read, write, and execute permission. The 5 allows the "admin" group, which presumably includes your personal admin account, to read and execute the file. The 0 disallows everyone else from doing anything with the file.

And by using chown, you set the file's owner and group appropriately so it all works as expected. Make sense? This works with any executable on the system, and I do it fairly often for things like tcpdump and other diagnostic tools. You can set the owner of the program to "root", set the group to "admin", and change the permission bits to 4750 to allow everyone in the "admin" group access to the program with root privileges. It's extremely convenient if you know how to use it sensibly, and cuts down on a large amount of sudo use. Heh.
__________________
You can have my iBook when you pry it from my cold, dead fingers.
iBook - The computer of choice for the enlightened CS major. Come on Apple, let me do a commercial. ;-)
"An alloc a day keeps the DRAM away!"
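Added example, not part of the thread: a POSIX shell audit for the 4750 setup described in the post above. It lists setuid files under a directory and flags those that are `#!` scripts (Linux, among other kernels, ignores the setuid bit on interpreted scripts), those that are group- or world-writable, and those executable by users outside the owner and group. The function names and the `audit.sh` file name are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread): audit setuid files under a directory.

# classify_setuid FILE: print space-separated risk flags for one file.
classify_setuid() {
    f=$1
    flags=""
    # Interpreted script: Linux and other kernels ignore setuid on these,
    # so on those systems the bit grants nothing.
    if [ "$(head -c 2 "$f" 2>/dev/null)" = '#!' ]; then
        flags="$flags script"
    fi
    # Group-writable (e.g. 4770): any group member can replace the code
    # that later runs with the owner's user ID.
    if [ -n "$(find "$f" -perm -0020 2>/dev/null)" ]; then
        flags="$flags group-writable"
    fi
    if [ -n "$(find "$f" -perm -0002 2>/dev/null)" ]; then
        flags="$flags world-writable"
    fi
    # Executable by "other": access is not limited to owner and group,
    # unlike the 4750 mode discussed above.
    if [ -n "$(find "$f" -perm -0001 2>/dev/null)" ]; then
        flags="$flags world-executable"
    fi
    echo "${flags# }"
}

# audit_setuid DIR: one line per setuid file:
#   "<mode> <owner>:<group> <path> [flags]"
audit_setuid() {
    find "$1" -type f -perm -4000 2>/dev/null | while IFS= read -r path; do
        meta=$(ls -ld "$path" | awk '{print $1, $3 ":" $4}')
        echo "$meta $path [$(classify_setuid "$path")]"
    done
}

# Usage (hypothetical file name): sh audit.sh /usr/local/bin
if [ "$#" -gt 0 ]; then
    audit_setuid "$1"
fi
```

An empty `[]` at the end of a line means none of the four conditions was found for that file.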
  #3  
Old March 14th, 2005, 11:26 PM
mkwan's Avatar
Tech
 
Join Date: Aug 2001
Location: Canada
Posts: 241
Thanks: 0
Thanked 0 Times in 0 Posts
mkwan is on a distinguished road
very cool
__________________
mkwan

UNIX was created in the late 1960s, in an effort to provide a multiuser, multitasking system for use by programmers. The philosophy behind the design of UNIX was to provide simple, yet powerful utilities that could be pieced together in a flexible manner to perform a wide variety of tasks.
All times are GMT -5. The time now is 08:04 PM.

