On Mon, 2003-06-16 at 19:26, Drew Weaver wrote: > Ok, well im not trying to be difficult, this script adds/removes/changes > users in the passwd files. Basically what happens is a cold fusion > script on our db server contacts the mail server and says hey, add this > user, with this password, and this perl script does it, and returns an > OKOK, the perl script runs under apache, im not sure how you make apache > run sudo before launching the create/delete/modify scripts. > > Any advice on this would be appreciated. >
I use php and have always just used it in either backticks or the system() function. here is one that retrieves a file from one of our remote displays and copies it to a local temp file the user specified is the only one with a key on the remote computer to allow the copy via scp. $scpoutput = system("sudo -u exhibitor scp $display:$output.screen.small.jpeg $localtmpfile 2>&1",$retcode); you use the command visudo to configure sudo. here is a sample from the one on the box that allows nobody to run any command as exhibitor without a password. (yeah it is an old server that runs our internal web-based app) nobody ALL=(exhibitor) NOPASSWD:ALL Here is one that allows a user (exhibitor) cronjob to load a database with log information after it has down loaded all the logfiles and summarized them. I happens that I own the db. exhibitor ALL=(bhughes) NOPASSWD: /usr/local/bin/elevatingloadlog.pl the command /usr/local/bin/elevatingloadlog.pl is the only one that exhibitor can run as me. sudo has lots of grouping functionality that I have never had a real reason to get into but it is a fantastic tool. Bret -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list