javaguy Posted August 23, 2008 Report Share Posted August 23, 2008 I have a user photo that is basically only for scripts to retrieves pictures from my camera and my phone. I do this so that the scripts can set the pictures to read-write for the photo user but read-only for the rest of the world, and I only ever log in as photo to retrieve the files. (I have lost really cool pictures accidentally before, so I'm extra cautious.) I'd like to have the photo user's scripts executable from my regular user account and have set o+x and the sticky bit, but even with the sticky bit set the files and directories created by the script are owned by the user running the script, not by the photo user that owns the script. Is there any way that I can truly run a script as user photo while logged in as user blahblahblah? Quote Link to comment Share on other sites More sharing options...
pindakoe Posted August 24, 2008 Report Share Posted August 24, 2008 New files get group/owner of the user that is running the program that creates them, unless you change this with su or sudo. I have a similar seituation where I use "su" to start a script as another user by means of following command: su - photo -c "script.sh arg1 arg2 arg3" This will start script.sh as user photo with arguments arg1..3 Quote Link to comment Share on other sites More sharing options...
javaguy Posted August 24, 2008 Author Report Share Posted August 24, 2008 I have a follow-up question then. If I just want to sudo (I don't) I can set up my sudoers entry for that command with the NOPASSWD option so that I can just run the command, fire-and-forget. Is there a way to set up my account so that I can do the same thing with a plain su? Quote Link to comment Share on other sites More sharing options...
paul Posted August 24, 2008 Report Share Posted August 24, 2008 put yourself in the wheel group if the wheel group doesn't exist then create it grep wheel /etc/group* /etc/group:wheel:x:16:paulw,markv /etc/group-:wheel:x:16:paulw,markv then edit /etc/pam.d/su # Uncomment this if you want wheel members to be able to # su without a password. auth sufficient pam_wheel.so trust Quote Link to comment Share on other sites More sharing options...
javaguy Posted August 28, 2008 Author Report Share Posted August 28, 2008 Will that allow any wheel group member to su to any other wheel group member without a password? I'm not sure if that's what I want. Then again I'm not sure it isn't. ;) Quote Link to comment Share on other sites More sharing options...
pindakoe Posted August 28, 2008 Report Share Posted August 28, 2008 Not quite certain but recommend to have a look at sudo and sudoers (the file that defines what authority you delegate). My understanding is that (by means of /etc/sudoers file, only to be edited by command 'visudo') this allows fine granular control on who can do what (in addition to normal user/group permissions). Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.