Running a program as a different user

[cardassianscot]

I need to run a program as another user from root. (The program is fetchmail {I want other people to be able to start and stop it but not have root access but it has to be launched at startup meaning it has to be launched by root} but the actual program is irrelevant so I'm not posting this to the network group). I thought this might be something to do with the superuser bit so I saved a script to launch the program as another user and then tried to apply the superuse bit with

chmod -s test

 

This didn't work. Am I doing something wrong or is there a better way to launch a program as another user when you are root.

 

Thanks

[onurb]

Your question is not 100% clear, but, as root you should be able to run any program from all users and groups.

[Guest SDMF]

If you are root at the time, you should be able to use:

su - $USER -c command

[Cannonfodder]

I gather you want to run the app under the user's login so as root you can become that user with su

 

Let's say you have user bob.

 

su bob

 

You will be user bob and can run the app.. as bob..

[ramfree17]

I need to run a program as another user from root. (The program is fetchmail {I want other people to be able to start and stop it but not have root access but it has to be launched at startup meaning it has to be launched by root}

 

use the sudo package to grant normal uses access to utilities that are normally reserved for the root user. this way you wont need to give your users the root password. read the quick sudo tutorial at mandrakesecure.net.

 

ciao!

[pmpatrick]

If I understand your question, you have a program which is owned by root but you want the rest of the world to have read and execute permisions. To accompolish this, navigate to the directory where the program is located and run the following as root:

 

# chmod 755 <program name>

 

This will give root read, write and execute permisions and the rest of the world read and execute. If you want the rest of the world to have execute only privileges, than change 755 to 711. When a nonroot user executes the program, the process launched will be owned by the person who invoked it without the ability to change the program. Nonroot users should also be able to stop the process launched by root I think because they have execute privileges.

[ramfree17]

# chmod 755 <program name>

 

This is dangerous and would fail if the utility in question needs to access a resource that is also owned by root (like logs and locks in /var). sudo is the package developed to address this problem without compromising security. the key here is limiting the possible avenues for attack and still accomplishing the task of sharing the root responsibility with somebody else. :)

 

ciao!

[aru]

fetchmail, the program in question, can be run by anybody, the only requisite is to have access to either an user's ~/fetchmailrc or a global fetchmailrc file through "fetchmail -f file"; as those files use to have the account/passwords info of each user's remote emails, they must have 600 permission.

 

My suggestion is that if all your users trust you, then create a global fetchmailrc file with all your user's email accounts info, and run fetchmail through root's cron in intervals of ten minutes to retrieve all possible email from the outside world (well, that's how I do it)

[cardassianscot]

Thanks, the

su $user -c $command

solution was what I was after. I want to run fetchmail as non-root because it ocassionally needs to be stopped and started by non-root users, so I have a seperate account with my .fetchmailrc file, so fetchmail needs to be run as this user.

 

Once again thanks.