Reputation: 431
Run a command without privileges in a root shell
I have a script that runs with root privileges, and I have a command that must not be run with the those privileges that is executed by the script. I need a way to run that command without those privileges.
From what I've been able to determine, I can run a command as another user using tools like sudo. But doing so requires the knowledge of the user name (or ID) that is to be used before hand. This also raises one or two security issues.
My question is: Is it possible to simply run that command as root but without the elevated privileges? if not, are there suitable alternatives?
Upvotes: 2
Views: 4119
Answers (3)
Reputation: 263637
My question is: Is it possible to simply run that command as root but without the elevated privileges?
No. The entire point of the root account is that it has full privileges. In fact the point of any account is the privileges that it has. The way to run without root privileges is to run as a user other than root.
If not, are there suitable alternatives?
See the other answers. You have to run the command from some specific non-root account, which means that you have to know the name (or numeric UID) of some other account.
As Adam Zalcman suggests, the nobody account might be suitable. Or you can read /etc/passwd or equivalent to find a valid account (though running as some random real user might cause problems).
For that matter, since you have root privileges, you can (temporarily?) create a new account for the purpose of running the command. That's probably overkill, though.
The simplest solution is just to find a way to specify a non-root account.
Upvotes: 1
Reputation: 27233
You can indeed use sudo to run the command with lowered privileges like this:
sudo -u USERNAME COMMAND
or better
sudo -u USERNAME -g GROUPNAME COMMAND
Note that this will require proper entries in the sudoers file.
If you don't know the name of a user and would like to just run the command with some lowered privileges you can use user nobody and group nobody or nogroup for that.
Upvotes: 4
Related Questions
- Running a bash script with root access in ubuntu
- Execute root command with no root user avoiding password prompt
- How to run specific command in shell script without sudo?
- Run command as root within shell script
- How to make a script run commands as root
- Writing a bash script that performs operations that require root permissions
- Execute single command in shell script without sudo
- How to execute commands requiring root privileges inside a script?
- How to run a command without sudo?
- How to become non-root in the middle of a shell script run as root? Possible?