[英]How can I set up a user's permissions so it can execute a bash script to read other users' files?
I have a web server on a Debian machine and another Debian machine which runs an application. 我在Debian机器和另一台运行应用程序的Debian机器上有一个Web服务器。 I want to have the web user call a bash script that returns some info for the php to process.
我想让网络用户调用bash脚本,该脚本返回一些信息以供php处理。
I have already generated ssh keys and paired my web user (www-data) with a user on the target machine (usr_scripts) and I have the following command which runs the bash script on the target machine: 我已经生成了ssh密钥,并将我的Web用户(www-data)与目标计算机上的一个用户(usr_scripts)配对,并且我有以下命令在目标计算机上运行bash脚本:
ssh -o UserKnownHostsFile=/path/to/known_hosts -i /path/to/rsa/key usr_scripts@targetMachine scriptToReadFiles.sh
The scriptToReadFiles.sh is a plain bash script that uses cat
to output some info from different files ( cat /path/to/mainFolder/Folder1/File1
) and I have a function in my php that takes the output and generates a report. scriptToReadFiles.sh是一个普通的bash脚本,使用
cat
从不同文件( cat /path/to/mainFolder/Folder1/File1
)输出一些信息,我的php中有一个函数可以接收输出并生成报告。
My problem now is that usr_scripts has insufficient permissions to read the files I need. 我现在的问题是usr_scripts没有足够的权限来读取我需要的文件。 All the files are inside different folders and they have different owners (as the application uses multiple users for different tasks) like that:
所有文件都位于不同的文件夹中,并且它们具有不同的所有者(因为应用程序使用多个用户来执行不同的任务),如下所示:
mainFolder
|- Folder 1 (owner: user1)
| |- File 1 (owner: user1)
| |- File 2 (owner: user1)
|
|- Folder 2 (owner: user2)
|- File 1 (owner: user2)
|- File 2 (owner: user2)
|- File 3 (owner: user2)
Users user1, user2 etc. are dynamically generated from the application (to whose source code I have no access), they are generated as needed, they don't belong to a certain group and they mustn't have access to other files outside of their designated home folder. 用户user1,user2等是从应用程序动态生成的(我无法访问其源代码),它们是根据需要生成的,它们不属于某个组,并且不能访问外部的其他文件他们指定的主文件夹。
How should I set up my use_scripts user's privileges so it can read those files? 我应该如何设置use_scripts用户的权限,以便它可以读取那些文件?
you can use chmod to change the modes of the current files and umask to change the future files. 您可以使用chmod更改当前文件的模式,并使用umask更改以后的文件。 here is a link to some info for umask http://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html
这是一些有关umask的信息的链接http://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.