user788171

Reputation: 17553

unable to pass password to su

I have a bash script that requires a couple commands be run under a different user. I would like to do this with su but I am unable to automatically su without a password prompt.

The user running the script will be apache in CentOS (so not a real user account, e.g., you cannot do su apache and get a prompt under apache user).

Thus, I don't think something like expect will work. I also can't ssh from apache to another localhost account using ssh keys.

Is there a way to accomplish my objective? Hardcoding passwords is acceptable to me.

Upvotes: 0

Views: 716

Answers (1)

Yann Ramin

Reputation: 33177

This is what sudo was built for - fine-grained permission raising. If you add the script as something apache can run with sudo (in the /etc/sudoers file), you can provide limited permission escalation.

However, requiring anything invoked from the apache user is very very dangerous. It could quickly turn a limited local exploit into a root exploit. Be very careful in sanitizing your input, understand how shells expand variables, etc.

Upvotes: 3
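
One way to set up what this answer describes, as an added example that is not part of the original answer: a sudoers rule limited to a single script, and that script checking its one argument against an allowlist before running anything. The target account `appuser`, the paths, the exit codes and the job-name rule are assumptions made for the example.

```shell
#!/bin/sh
# /usr/local/bin/runjob.sh  (hypothetical path; owned by root, mode 0755,
# in a directory the apache user cannot write to).
#
# Matching sudoers drop-in, edited with: visudo -f /etc/sudoers.d/apache-runjob
#   apache ALL=(appuser) NOPASSWD: /usr/local/bin/runjob.sh
# If sudoers sets "Defaults requiretty", also add:
#   Defaults:apache !requiretty
# The web application then calls:
#   sudo -n -u appuser /usr/local/bin/runjob.sh nightly-report

LC_ALL=C; export LC_ALL            # make the a-z range below byte-exact
PATH=/usr/bin:/bin; export PATH    # do not depend on the caller's PATH
JOB_DIR=/usr/local/lib/jobs        # hypothetical directory of allowed jobs

# Allowlist check: 1 to 32 characters from [a-z0-9_-], not starting with '-'.
valid_job_name() {
    case "$1" in
        ''|-*|*[!a-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

main() {
    [ "$#" -eq 1 ] || { echo "usage: runjob.sh JOB" >&2; return 64; }
    valid_job_name "$1" || { echo "runjob: rejected job name" >&2; return 65; }
    [ -x "$JOB_DIR/$1" ] || { echo "runjob: unknown job" >&2; return 66; }
    # Fixed directory, quoted argument, no eval: $1 is never re-parsed by a shell.
    exec "$JOB_DIR/$1"
}

if [ "$#" -gt 0 ]; then
    main "$@"
fi
```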
