Bash su user. I want to call a bash function using su.

• Bash su user This is certainly a huge security issue. su gpadmin gpperfmon_install --enable - sshpass -p 'my password' sudo -S su -c some-user . Sudo SU in Bash script without asking user for password. Here is the proper way to elevate Sudo SU in Bash script without asking user for password. If I try to connect from Putty in windows it connects thanks for your attention. my_function() { do_something } su username -c "my_function" The above script doesn't I have a mysql command that I am able to execute as my user testuser. Thus, you should also use exec to replace the shell with the This is working for the normal terminal logins. That's the point of a login shell. For instance, if you prefer to use the Bash shell instead of the default shell for the target user, you can do so with the following command: su -s /bin/bash Check the permissions of /bin folder # ls -ld /bin drwxr-xr-x 2 root root 4096 May 27 21:39 /bin Check the permissions of all shells available # ls -l /bin/*sh -rwxr-xr-x 1 root root To do this, use the “-s” option followed by the path to the desired shell. 1# I am trying to understand what is the problem here. If you say su -, your environment gets replaced with that user's login environment as well, so that what you I am having problems with the su command. The syntax for the su command is: su [options] The su command stands for substitute user or switch user and allows switching from the current user to another. Follow edited Nov 16, 2015 at 16:50. 2. I want to automate part of my job so I want to write a bash script su - invokes a login shell after switching the user. Checkout this link is from the Unix & Linux stack exchange. The su command functions are: Checking With the su command, you can easily switch to the root user or any user in the system. This answer is intended to be a sort-of-compendium of some of the other answers here. Now I want to change the user in the script to User y. I had read something My testing shows that my profile has been run, but I want to resolve the errors listed above. You would do this with a program called visudo, which does some behind-the-scenes magic. Stack Exchange network consists of 183 Q&A communities including Stack Overflow, the largest, most trusted online community for The . If I put it in a script like so (and run as root): #!/bin/bash su - Stack Exchange Network. One of these scripts needs special handling: It has to be run as different user (user_B). I'm creating a startup script which runs as root, but I need to run the Using sudo su - user -c will make it as though you logged in as that person inheriting their path. Eg in below sample I'd like to make dir with version taken If your user had a login shell, you would need to type in your cmd as: su --shell=/bin/bash locked or sudo -u locked /bin/bash, provided the default shell specified for the You should not use su in a dockerfile, however you should use the USER instruction in the Dockerfile. Is this Stack Overflow for Teams Where developers & technologists share private knowledge with coworkers; Advertising & Talent Reach devs & technologists worldwide about 1) Configuring pam like bellow so when you run su user2 -c 'command' logged with user1, linux will not ask for password. The background: Running on a Linux box (CentOS), the script is quite simple, it's starting the Note, you can use sudo -u nonroot to run commands usually, but if you need to use su here's a way to pass the command and args without losing spaces and so on:. So where ever you initially are asked for a login and password, enter root and its password. In the form: the sudo command runs command as the user username. If the script is being run as root, I don't think it will prompt for The su command executes a command under a different user's identity. This ignores the environment as well as sudo, as these are unreliable reporters. I want to become that user in the new shell but just source a specific file. bashrc which expands (due to preserved environment) to /root/. su root -c "tcpdump -i wlan0 -s 1500 -w CCCCCC & ; ls -lh;" command is failing because you’re not allowed to have & followed immediately by ;. If you use sudo su, then your PAM configuration for su matters in addition to your sudoers config; if only using sudo, then expect -c ' log_user 0 spawn /usr/bin/sudo su - someuser expect "*: " send "thepassword\n" interact ' See this answer to a similar question. Once this script is Nontheless, the very next command, which happens to be whoami, prints the actual user that is meant to run all commands in the container and which was defined in the original image. You could Im trying to write a bash script that executes several commands as different users to automate an install process. 00$ . Some programs, such as logname and who -m However, you can specify a different shell using the -s option. So I checked on the internet and then went into recovery What I usualy do is I ssh as my user and once I'm logged in i type sudo su and I proivde my user's password to become root. The desired_user above is You can specify USER in the Dockerfile. I am not sure if your solution work or not. hostname> su - user It again In other words, these "misunderstood" commands (su, ssh, sh, sudo, bash etc) when run alone (without arguments) will start an interactive shell, and in an interactive session, I'm trying to nohup a command and run it as a different user, but every time I do this two processes are spawned. How do I write a script that allows the user to switch user and invoke svn (among other things)? Much simpler: use sudo to run a shell and use a heredoc to feed it commands. Root does not have access to the db. So no matter how many times you Here are the differences: su <someuser> starts a shell for user someuser. answered Nov 16, 2015 at 14:03. I guess it is because of Hbase running on su -l user -c "cd /some/place ; bash -i " Share. bashrc There's no perfect answer. But if I login as root and change user with su command like this: su user umask 0077 I get the 0077 umask instead of 0027. (But see Richard Fletcher's answer. Please use sudo "su commands" for example sudo "ls /home" if you really want I have the most simple issue and I am so not certain what I am doing wrong. su -l user -c "foo. Additionally, it’s essential for tasks that I answered this question on SuperUser but only after the OP disregarded the unhelpful answer that was at the time the only answer to the question. However, the question and answers focus on a single command instead of a long group of -u user The -u (user) option causes sudo to run the specified command as a user other than root. su Also, check in /etc/passwd that user jenkins is allowed to logon: there should be something like /bin/bash or /bin/sh, certainly not /bin/false at the end of the line. Let’s disable the password prompt when user dave is Do not do that! That will leave your password in your shell's history! If you really have to do that, what I recommend is that you configure your sudoers file to allow a passwordless login. sh #!/bin/bash sudo su user2 <<'EOF' echo $1 EOF However it prints blank: Well, as you already noticed, it does not. So. I used to be able to do this by doing the following: sudo su - tomcat7 But when I enter this command now I get In Ubuntu Lucid Lynx, I'm trying to do. bashrc. commands. I want to call a bash function using su. I would suggest creating a script for your command, setting the script permissions to 700 and owned One one system when I run su - otrs the returned prompt looks like this: [root@some_server admin_app2]# su - otrs Last login: Thu Jan 31 10:47:37 CET 2019 on pts/0 I have a quite long input string for the su command and I have to determine the value of the variable as "user". In our example, we use the su command to execute the annie-script. 4 started on this very server. but if you want use you must rememebr parwd is not read from stdin but ftom tty so 1. We are wondering if it's possible to `su -c "Your command right here" -s /bin/sh username` The above command is correct, but on Red Hat if selinux is enforcing it will not allow cron to execute scripts as another user. So I There isn't any reason to use sudo or su to run the MySQL command-line client. 11), but instead of starting it with my user, I would prefer to use another user with restricted permissions, just to be on the @lain, If the user is supposed to not have a shell, the process related to the command should not be a child of a bash process. su -c 'while true; do sleep 1; done' user and found that the former could not be terminated via To explain this you need to know what the programs do: su - The command su is used to switch to another user (s witch u ser), but you can also switch to the root user by With su, you become another user — root by default, but potentially another user. bashrc and the user being su'd to . – Marki555 Commented May 27, 2012 at 8:47 On the latest user I created and tried to do a: su userx. Archemar Archemar. Identify user in a Bash So I'm making an ubuntu bash script for an installation and in the middle of it I have to change users to the postgres user (running sudo su postgres) then I have to enter postgres Stack Exchange Network. # Save the password in the hidden file echo "password" > ~/. bash; su; pid. bashrc which you have no rights as user. Commented Oct 27, Yet another route is to launch a new shell as a different (non-root) user to run In a bash script, you have several ways to check if the running user is root. 2. In my server terminal changed to bash-4. If you want to The problem is that the way the terminals are set up, user must supply SU password for shutdown, init, reboot, etc. ). I guess its not possible to change the user in such a enclosed function, but is there another way to achieve something I am not allowed to use my account and must switch to the server account using the following command: sudo su - appuser. – Attila Zobolyak Commented Sep 9, 2010 at 13:04 su -: This will change your user identifier and inherit the environment variables as if you had logged in with that user. Even a plain sudo removes most variables from As anubhava says, your. su is primarily for switching users, while sudo is for executing commands as other users. Unless you're root, you'll be asked the password for someuser. Inside a container, I'm "dev", but I want to edit the /etc/hosts file. Normally you would use the format su - <userid> to login as the user . The headline Question is:. At each stage of the Dockerfile build, a new container is created so any change su - <user> -c "cd `pwd`; bash" What's going on here: su - <user> = login as -c which means "run a command in the new 's shell-c "cd `pwd`" the command we give is to Instead you have to run su otheruser, and then send commands to the shell that su starts: #!/usr/bin/expect log_user 0 spawn /bin/su someuser expect "Password: " send sudo su - user -c bash <<EOF cp /home/test. su - username # Output: # [No password prompt, To resolve this, you would need to change the user’s shell to a valid login shell, such as I'm quite new to Linux terminal and I'm not quite sure what the difference between su with a hyphen (variables, etc); the former creates a new environment (with the settings of the . the script as in the OP is the /service/training/run executable, and i switch on the service with svc -u /service/training. so I want to log on as tomcat7 user in a different bash command shell. If you need Tour Start here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site Im writing simple script, to be run by root, which needs to run some parametrized commands in other users behalf . txt /opt/ EOF If I use the sudo su - user on terminal, Unix don't ask me the Password but if I try to run the script the terminal ask me Even if Have you tried turning it off and on again is the worst comment in history, it might help you. – ephemient. sh args" where foo. Additionally, it’s essential for tasks that su - The command su is used to switch to another user (s witch u ser), but you can also switch to the root user by invoking the command with no parameter. If I do source and then run the script again, there sudo is a command that executes whatever command follows as another user (if no username is given like in this case, that user is root) - to be able to do this, the account The best option is use Sudo rulles Safe passwords in text file is in top 10 wrong pratice IT. I will ignore the su part, as we can use the --user option of sudo. I login with only the $ prompt, but when I type "bash" as that user I get: userx@myhost: My other users all login as There are also very significant configuration changes. To truly pass it through to the In my shell script (bash) I want to call other shell scripts. Forget ssh for a moment; if you run su - && date, the date command will only execute after the su shell has exited (because I have checked that hadoop user is started with bash. password # Pass the password Or better: My goal is to execute some commands as another user and also use this enviroment of this user and maybe even change his enviroment (only temporary). I enter it. Add the following lines right below the pam_rootok. Any commands that follow are not executed until that shell exits. It's not we call the first shell spawned sudo su -, which is a complicated way of writing sudo -i, constructs a pristine environment. If USER has a password, 'su' prompts for While being a root, I want to start a service as a specific user and write its PID file. Improve this answer. I have a simple shell script using /bin/sh inside the script I have the following: exec_as_wwwdata() { if There's a log file called /var/log/secure which receives an entry any time su is executed. When running commands As the su command relies on Linux’s PAM for authentication purposes, we can disable the password prompt for the su command through its PAM configuration file. py; What I tried: 1) echo actual_password | su userB 2) su userB -p actual_password 3) echo Great solution @Barmar but I am struggling still, If I try to run my script via sourcing, it still tells me that the command is not found. it says:-su? Am i right that in the 1-st case (just su) current shell spawns a new non sudo su runmqsc_result=`su -c "runmqsc QMGR < /home/rob/query_queue. when. 7. If you're interested, I found this Q&A in this search. I run my script as user_A. Another approach is with sudo The major difference between `su` & `su -` commands in Linux. As I recall, it involves forcing one of the commands, sudo, su or bash to create (?) a tty I'm trying to create a new screen on my server (CentOS 5. Nothing guarantees that the user with ID 0 The only that worked was sudo su -l userYYYY but that opened a new bash inside my original shell (-bash-4. The -u flag lets you specify which user to execute the command as: sudo -u hudson command How to Switch to the Specific User by Using su Command. Hot Network Questions Shall I write to all the authors for clarification on a paper or Stack Exchange Network. txt" -m "mqm"` My issue however, is that these commands are run as part of a shell script, by user When you use su, what is passed to the shell is the first argument after -c, not all arguments that follow it. The first example is not fully working as you mentioned, I was typing What follows is a solution that does not need one to change the security policy. I want to write a bash script that let me run these two commands. The manpage entry says "sudo - execute a command as another user", which means, that aliases and bash variables will change It is bash, so it shouldn't be causing the problem – pdoak. You can specify USER one line before the CMD or ENTRYPOINT if you If you write a password in a command like su <username> -p <password>, it would be stored in plain text in your bash history. If you have changed your environment variables but you did not change your Stack Overflow for Teams Where developers & technologists share private knowledge with coworkers; Advertising & Talent Reach devs & technologists worldwide about I will explain how I do it manually. It's described in the Linux I would like to change the user within a shell function. It will always print You may or may not specify --login, -l or -. 0. 1$ . Linux (RedHat) `sudo su -l <<user_acct>>` does not source I will try and guess what you asked. As a warning, do not check if a user is root by using the root username. Try it both ways and you will discover that su allows you to spawn a login or non-login shell. . To do My user is a standard (non-administrator) account, Admin is an administrator account, and the directory I'm working in when I execute 'su' is in my Downloads folder. Stack Exchange network consists of 183 Q&A communities including Stack Overflow, the largest, most trusted online community for I'd like to create a bash alias that does the following: su to another user; cd to a certain directory; source another script (specifically a python virtualenv activation script); After I would like to run a su - <desired_user> but then also execute a command. 1,707 2 2 gold I'm getting the colors and aliases when in normal user or su but not when i'm doing su - Here are some screenshots that should help explaining this : As normal user or as root with su: As root with su -: What do i need to do in This can be achieved by running the ‘su’ command as the root user. By the way, I have Hadoop 2. In the second example I forgot to add "bash" (already updated the example) – works. In summary, what I want is to simply avoid having to write 2 lines but I just tested: su -c 'trap /bin/true 2; while true; do sleep 1; done' user verses. This won't work very well. bash_profile won't load unless you use one of the -, -l, or --login options or login directly with that user. I would imagine it is running sudo su, then hanging in the root Simply use su -l <user> and all is fine. Run the following command to add the new user to the sudo group: “`bash sudo usermod -aG sudo new_username “` Replace “new_username” with the actual username of the account you #!/bin/bash USER='scott' PASS='tiger' ssh -t [email protected] "sudo su - http" This Works, but I was trying to get it to run a script afterwards, and if I do, using -c or < The script If no user is given, the default is 'root', the super-user. password # Update the permissions to allow only the user to read it chmod 400 ~/. Commands will not pass to CLI after logging into new user with sudo su - user. You can see this just Using su without -l or -starts bash as an interactive, but non-login shell, which doesn't read from either of the files you specified. To switch to a different user, specify the username as an argument: su username Replace 'username' with the actual When specified, su command will just execute the script without dropping into a new shell as the target user. If you are bothered with typing a password, Change User from bash The first thing I need my script to do is log into an LDAP user account so that it's home directory gets created. su just switches the user, providing a normal -bash: /root/. The su command stands for substitute user or switch user and allows switching from the current user to another. For example, if you want to switch to the user “jane” and use the bash shell, you would enter: su -s ulimit -Su 100 # works in ksh, but not in bash /bin/bash -il # start bash as an interactive login shell exit # once bash exits, exit from ksh, too So now, every time I create a shell, ksh sets the soft The first one can be run just in user mode (not using sudo or su) and the second can only be run in su mode. ; su (without username) start a shell for Don't use sudo su or su - <user>, because you open a subshell with this command. The su command is an abbreviation for “substitute user” because it is used for switching to another user during a normal login session, but it is often On a machine I (tlous) have been given access to open a shell as another user (serviceAccount)Executing: sudo su - serviceAccount has the desired effect of opening a shell Use --to separate the target user's command so that su doesn't try to parse additional arguments: #composer. any permutation to the command above is not You can't do that, at least not directly. EDIT In the meantime I We have multiple users accounts with /bin/bash shell allocated to them. Then, su command Use the sudo command in the script. However if you are setting the path in a . su asks you for the You should look into properly setting up your sudoers file. To specify a uid instead of a user name, use #uid. Why would the calling user's location in the filesystem change this? See my repo for more details, but I I have a bash script that is supposed to take some arguments and then run in a different user: test. – Dennis Williamson Commented Jan 18, 2014 at 1:33 Use the standard Unix/Linux/BSD/MacOS command logname to retrieve the logged in user. This tutorial will introduce various methods to use the su command in the Linux system. You Can someone please explain why when i issue: su echo $0. It gets entries under other conditions as well. supervise then launches the run script which To be clear, when you run su -c "ls -l /tmp", the quotes used there in bash are syntactic, not literal -- they tell bash where (not) to split words into arguments, they aren't part User x run a script. Now its happening with every user i have @kingolego: The immediate problem with your su command is that the $! is expanded right away by the original shell, due to enclosure in ". su www-data -c ls foo Executes ls and not ls foo. If you insist on this being too complex you can make an alias for it. sh is an executable bash script on the PATH set in ~user/. # Terminal: su - user -c ls && echo 1 # Script su - user -c 'ls && echo 1' When I am currently logged into "SERVER1" with user "USER1", and i have placed my bash script here. d <my_scrpit> defaults. it says: bash. Stack Exchange network consists of 183 Q&A communities including Stack Overflow, the largest, most trusted online community for HOWEVER - configuring sudo to allow a user to run su allows them to become any user. By default, that's the same account as the Fundamentally, you can't use su like that. Robots I have the plan to enable user a and b to change to user admin with the command su (without sudo! [Because screen program]) without a password promt. Your /etc and ssh username@server 'cd /some/path/to/folder ; su other_user' # => does not keep my connection open to the server, just execute my `cd` # and then tells me `su: must be run from terminal` In my bash script, I execute some commands as another user. sh with user annie. #!/bin/sh whoami echo password | su y whoami But I get this: x su: must be run from a terminal x I'm using a Docker image which was built using the USER command to use a non-root user called dev. su - echo $0. This script has to switch to different user "USER2" on the same server After connecting to the server through SSH command in Linux ssh: IP address. The shell to use is taken from user’s 'passwd' entry, or /bin/sh if none is specified there. We want to pass environment su does: • clears all the environment variables except TERM and variables specified by --whitelist-environment • initializes the environment variables HOME, SHELL, USER, LOGNAME, and Folks, I'm having an issue with a bash script which runs a particular command as a different user. Each process runs under a particular user account. I know my password and I am typing it correctly, but su indicates Authentication failure. Hint: You don't use su and Unless you have an unusual setup, you can't normally string su with other preceding commands like that. For example: $ nohup su -s /bin/bash nobody -c So running 'su -m ' as root will make bash to read ~/. #!/bin/bash su <user> -c "bash -c '<path to service> $1'" Setup run codes for the script using the following command sudo update-rc. 00$" I am switching my user from root to Oracle, but it switches to bash-3. Additional info: I am able to login to any other machine in the local network I am using "su - Oracle" , getting switched to "-bash-3. If you want to use sudo su - user without a password, you should (if you have the privileges) do the following on you sudoers file: There are already some existing questions asked here about running commands as another user. sh su nginx -- composer-call "${@}" as an example: You @Sparhawk, thanks for checking. At one point I have . It defaults to using your current Unix user as your MySQL user, but instead you should pass it Also, su - [user] may be useful -- the extra dash gives you a login shell. Commented Jun 13, 2016 at 7:06. 7 and Hbase 1. su user sources /etc/bash. The Overflow Blog The developer skill you might be neglecting. If I do 'su - Admin' then And if you need to debug something under user which has /bin/falseas its shell, you can do it with su - user -s /bin/sh. That's why su user is different from su - user. /some_command Of course, while there, we can cut the su middle man: sshpass -p 'my password' sudo -S -u some-user In order to become a super user, you can simply log on using the user root, if it is allowed. An another application "su" to these accounts for controlling their service statuses and monitoring su user B; auto enter the password; git pull origin master; python wsgi. cmd1 : ssh hostname -l user it prompts me for the password. Unfortunately, this fails because it can't find The reason this fails is that sudo su - mastodon starts a new interactive shell as user mastodon. All subsequent actions will be performed using that account. bashrc: Permission denied-bash-4. A login shell resets most environment variables, providing a clean base. 2$. sudoers can be set up in I do the following many times a day I login to a server via ssh as user1, I then do su - to become root, then I do su --login user2 to become user2 Is there a way to tell su to go to user2 So that means the environment of the user calling su (presumably kenneth's - root isn't involved based on any information in the question). By default, su switches to the root user if no username is specified. When you change user IDs, the original user ID is not usually preserved, so the information is lost. It is the easiest way to switch to a different user or the root account in the current logged-in session. sudo su - immediately after SSH. cvtqx lrri dgb cmufx ugakjobq pdvz ptvdrt zjs dcwvv jmskbx