Sourcing a shell script, while running with sudo

Question

I would like to write a shell script that sets up a mercurial repository, and allow all users in the group "developers" to execute this script.

The script is owned by the user "hg", and works fine when ran. The problem comes when I try to run it with another user, using sudo, the execution halts with a "permission denied" error, when it tries to source another file.

The script file in question:

create_repo.sh

#!/bin/bash

source colors.sh

REPOROOT="/srv/repository/mercurial/"
... rest of the script ....

Permissions of create_repo.sh, and colors.sh:

-rwxr--r-- 1 hg hg  551 2011-01-07 10:20 colors.sh
-rwxr--r-- 1 hg hg 1137 2011-01-07 11:08 create_repo.sh

Sudoers setup:

%developer ALL = (hg) NOPASSWD: /home/hg/scripts/create_repo.sh

What I'm trying to run:

user@nebu:~$ id
uid=1000(user) gid=1000(user) groups=4(adm),20(dialout),24(cdrom),46(plugdev),105(lpadmin),113(sambashare),116(admin),1000(user),1001(developer)

user@nebu:~$ sudo -l
Matching Defaults entries for user on this host:
    env_reset

User user may run the following commands on this host:
    (ALL) ALL
    (hg) NOPASSWD: /home/hg/scripts/create_repo.sh

user@nebu:~$ sudo -u hg /home/hg/scripts/create_repo.sh
/home/hg/scripts/create_repo.sh: line 3: colors.sh: Permission denied

So the script is executed, but halts when it tries to include the other script.

I have also tried using:

user@nebu:~$ sudo -u hg /bin/bash /home/hg/scripts/create_repo.sh

Which gives the same result.

What is the correct way to include another shell script, if the script may be ran with a different user, through sudo?

Answer 1

What is probably happening is that the script tries to source the file colors.sh in the current directory and fails because it doesn't have permission to read your current directory because of sudo.

Try using source /home/hg/scripts/colors.sh.