作为 root 用户,我可以作为另一个用户在 BASH 中执行命令而不需要密码吗?
[英]As a root user can I execute commands in BASH as another user without requiring a password?
问题描述
I have a root user account on an RHeL server.
我在 RHeL 服务器上有一个 root 用户帐户。 On that server I have a simple script called user.sh that just returns the current user:在该服务器上,我有一个名为user.sh的简单脚本,它只返回当前用户:
#!/bin/bash
echo $USER
when run from my root account the output is从我的根帐户运行时,output 是
bash user.sh
>>>root
From another script I would like to be able to temporarily switch between users without entering a password, storing the password in the script or a file , or modifying /etc/sudoers and execute user.sh and then return back to my initial root account.从另一个脚本,我希望能够在不输入密码的情况下临时切换用户,将密码存储在脚本或文件中,或修改 /etc/sudoers并执行user.sh然后返回到我的初始 root 帐户。 Is this at all possible?这是可能吗?
Here's what I've tried so far:这是我到目前为止所尝试的:
Using delimeters to execute a block of code
使用分隔符执行代码块#./bin/bash bash /user:sh su other_user <<EOF echo Current user: $USER EOFoutput:
output:root Current user: rootswitching to a user in bash, executing a command and then logging back out
切换到 bash 中的用户,执行命令然后注销#./bin/bash bash /user.sh su other_user bash /user.sh exitoutput: The script pauses execution and returns me to the terminal logged in as
other_userhowever I will still be in my root account's directory that containsuser.shoutput:脚本暂停执行并将我返回到以other_user登录的终端,但我仍将位于包含user.sh的根帐户目录中root [other_user@my_server]$if I then type
exitI'm returned to my root account and the script completes execution如果我然后键入exit我将返回到我的根帐户并且脚本完成执行using the
su - <username> -c /path/to/the/shellscript.shto execute a script as a different account and then return使用su - <username> -c /path/to/the/shellscript.sh以不同的帐户执行脚本,然后返回#./bin/bash bash /user.sh su - other_user -c /path/user.shoutput:
output:root -bash: /path/user.sh: Permission deniedusing
sudo -i -u other_userto log in as the user and execute the script which yields the same problem experienced with attempt #2 but I am redirected toother_user's home directory.使用sudo -i -u other_user以用户身份登录并执行脚本,这会产生与尝试 #2 相同的问题,但我被重定向到other_user的主目录。
It may be worth noting that if I use method 2, while I'm logged in as other_user I am able to run bash user.sh and yield the desired output: other_user值得注意的是,如果我使用方法 2,当我以other_user登录时,我能够运行bash user.sh并产生所需的 output: other_user
1 个解决方案
解决方案1
3 已采纳 2019-11-08 20:20:40
In the second example, the $USER variable is expanded before su is executed.在第二个示例中, $USER变量在执行su之前展开。 This can be prevented by quoting EOF .这可以通过引用EOF来防止。
su other_user <<'EOF'
echo Current user: $USER
EOF
Or you can execute the script to do it in the root shell, also using a here-doc:或者您可以在根 shell 中执行脚本,也可以使用 here-doc:
su other_user <<END
bash user.sh
END
or you can use the -c option to su :或者您可以使用-c选项su :
su other_user -c 'bash user.sh'
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.