Changing to root in an Unattended Script

General Computing *nix and other operating systems
1

I want to change to root to execute a command in a shell script then revert back to my user.

Basically I want to mount a share (thus needing to be root), copy files across as myself, then unmount the filesystem but the script will be run by cron at late night automatically so I don’t want the script to stop and ask for a password.

Is it possible?

Otherwise the two alternatives I can think of is;-
[ol]
[li]Have 3 scripts. One runs as root at X time that mounts the file system, next one runs as me and copies the files across at X+Y time, then the third runs as root at X+Y+Z time to unmount the filesystem
[/li][li]Run the script as su, then chmod the directory and files back to my user.
[/li][/ol]

2

Can you define the cron job as root so it has the necessary privilege? You would then have to change ownership of the files after copying them (or whatever.)

Starting a cron job as root sounds like a Bad Thing even if you can do it. How about creating an account with just the extra rights you need and using that to run the cron job? (The script would still have to change ownership but it would generally be safer.)

3

Well I was under the impression only root could use the mount command. Certainly trying to use mount without the sudo operator gives me no results.

4

Try setuid logic should work a treat

http://www.greenend.org.uk/rjk/2004/perms.html

5

Run the following as a root cronjob

mount /disk
su - drezha -c /home/drezha/drezha.sh >> /home/drezha/drezha-cron.log 2>&1
umount /disk

Supplement with full pathnames as per cron requirements and fstab entries but that should so what you want.

6

[QUOTE=Mojo;408261]Try setuid logic should work a treat

http://www.greenend.org.uk/rjk/2004/perms.html[/QUOTE]

That didn’t seem to work. I’ve done TFW’s suggestion. Will check if that worked when it runs at 15:50.

Otherwise I’ll be trying this
http://rdiffbackupweb.sourceforge.net/

Then I’ll go back to my plan of having three scripts, one to mount, one to rdiff the next to unmount. Inelegant but I see it working.

7

[QUOTE=drezha;408332]That didn’t seem to work. I’ve done TFW’s suggestion. Will check if that worked when it runs at 15:50.

Otherwise I’ll be trying this
http://rdiffbackupweb.sourceforge.net/

Then I’ll go back to my plan of having three scripts, one to mount, one to rdiff the next to unmount. Inelegant but I see it working.[/QUOTE]

I assume your mount command is owned by root. If it is, setting the uid bit on it would make it run as root regardless of who invokes the command. You may not have execute permissions for mount, that could have been got round by using a script to invoke it, and would probably be better than changing the mount command’s default permissions.

TFW’s script looks fine to me and should work, there’s always more than one way of skinning a cat on Linux.

8

I didn’t see TFW’s work.

I set the Cron to run at 30 15 * * * /scriptlocation and it didn’t work. I’ll redo it tomorrow if my three prong scripts don’t work.

9

if all else fails you could try installing “sudo” unless it’s already installed… and give your user account the rights to run the mount command as root.

long shot but hey :wink:

10

Didn’t realise I could give my user admin privileges. Though it’ll be a last resort.

I’ll look into that. A bit of research shows that adduser chris admin should work…

11

[QUOTE=drezha;408396]I didn’t see TFW’s work.

I set the Cron to run at 30 15 * * * /scriptlocation and it didn’t work. I’ll redo it tomorrow if my three prong scripts don’t work.[/QUOTE]

Check roots mailbox and remember cron does not load any environment, all paths to executables need to be full paths or define paths in the shell scripts.

I’m assuming you have cron working already with cron.allow and cron.deny as they should be.

12

cron works as normal as the stats I update here (http://drezha.homelinux.net/folding) works fine every night.

I know it doesn’t work as the backup folder remains empty. Paths were full paths in both the cron and the shell script (found rdiff-backup didn’t like working without full paths either)

13

Is the mount point readable to non-root IDs ?

14

Yep.

The three pronged script attack seemed to work fine last night. Inelegant but works.

15

Inelegant it may be but it retains control of mount for root.

Tidier solutions would be sudo mentioned above or configuring automount.

This one like so many others is developed using the development method referred to as
Formed Using Common Knowledge Under Pressure.

I develop a fair number of scripts using this procedure.

16

Excellent method.

Used it a couple of times myself. Most notable to wipe a backup of all my documents.

17

The acronym says it all TFW :lol: