On Wed, Apr 30, 2014 at 3:35 AM, Matthieu Guionnet <guion...@insa-toulouse.fr> wrote: > Hi Todd, > why don't you just use setuid ? > http://en.wikipedia.org/wiki/Setuid
Because the kernel does not permit this for scripts. http://www.krenel.org/setuid-and-shell-scripts-explained/ Setuid shell scripts are begging to have environment variables set to abuse their suid privileges. There are *compelling* security reasons not to permit it. > You just change the script owner or group to root. > And put the s bit with the chmod command. > That's all. > > Matthieu. > > Le mardi 29 avril 2014 à 13:22 -0700, ToddAndMargo a écrit : >> On 04/29/2014 12:37 PM, Mark Whidby wrote: >> > On Tue, 2014-04-29 at 12:20 -0700, ToddAndMargo wrote: >> >> Hi All, >> >> >> >> I have a bash script that need to be run as root. >> >> In the script, I check to see if it is running as >> >> root and flag the user to run appropriately. >> >> >> >> Is there a way to use "su" to prompt for the password >> >> and continue the script if successful? (I would test for >> >> $? after the prompt.) >> >> >> >> Currently "su" will just open a new shell as root. >> >> >> >> I can run a command inside "su", but what about the >> >> other 200 lines of code? :'( >> > >> > An interesting problem :-) >> > >> > Something like this seems to work but I haven't thought through >> > the consequences of it, so be aware: >> > >> > -----cut here----- >> > #!/bin/sh >> > >> > this_script=$(basename $0) >> > >> > if [ $(id -u) -ne 0 ] >> > then >> > echo "Enter root's password" >> > su -c ./$this_script >> > exit >> > fi >> > >> > echo "Hello world" >> > echo "Running as $(id -u)" >> > -----cut here----- >> > >> > You probably need to do something with $PATH to obviate the >> > need for the "./" on the su line. >> > >> >> Hi Mark, >> >> I get it. Fascinating! >> >> If not root, call myself a second time with "su" >> >> Thank you! >> >> -T >> >