Home > bash, security > run a script as another user without password

run a script as another user without password

You can run a program/script/command as another user the following way (example):

sudo -u www-data /bin/date

That is: /bin/date is executed in the name of www-data and you get the output. However, it asks for your password.

Question: how to execute the command above without a password check?

Solution

Create the file /etc/sudoers.d/date_test :

jabba ALL=(www-data) NOPASSWD: /bin/date

Meaning: allow the user “jabba” to execute “/bin/date” in the name of “www-data” and ask no password.

You should read /etc/sudoers.d/README, it contains important pieces of information:

  • the file you create cannot contain ‘~‘ or ‘.
  • the file must have 0440 rights
  • the command at the end of the lines must have absolute path

Tip from here.

Advertisements
Categories: bash, security Tags: , ,
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: