[[http://tmade.de|Home tmade.de]] [[http://wiki.tmade.de|Home Wiki]] ===== SU, SUDO ===== ==== su ==== Start a programm or script as user xy. Example: su - username -c /path/to/programm/or/binary su - oracle -c script.sh #Starts "script.sh" with user "oracle" su - user -c whoami su -s /bin/bash -c "/scripts/script.sh" mysql sudo -u mysql /scripts/script.sh ==== sudo ==== Execute a single command as root user. Example: sudo /etc/init.d/ssh restart sudo apt-get update sudo apt-get upgrade sudo apt-get install [package name] sudo apt-get remove [package name] sudo cp /var/lib/dpkg/available-old /var/lib/dpkg/available sudo rm /var/lib/dpkg/lock ==== sudoers ==== If you want to grant a permission - such as restart a service - as non-root you can edit the "/etc/sudoers" file: # User privilege specification root ALL=(ALL) ALL %wheel ALL=(ALL) NOPASSWD: ALL username ALL=NOPASSWD: /etc/init.d/tomcat6 restart username ALL=(ALL:ALL) NOPASSWD: ALL Full access for user "myuser" on host "myhostname": myuser myhostname=(ALL) NOPASSWD:ALL Allows running a script as root without any arguments. nrpeuser ALL=(root) NOPASSWD: /path/to/script "" Allows running a script as root with fixed arguments. nrpeuser ALL=(root) NOPASSWD: /path/to/script --option-1 "a" --option-2 "b" Allows running a script as root with any arguments. THIS COULD BE DANGEROUS AND IS _NOT_ RECOMMENDED! nrpeuser ALL=(root) NOPASSWD: /path/to/script If you want to grant permission to edit files and folders thereĀ“s "sudoedit". username ALL=NOPASSWD: sudoedit /srv/etc/tomcat/* To edit afterwards a file as "non-root" execute: sudoedit /path/to/file and vi commands (:w, :wq to save and exit). chmod: test ALL=(ALL) NOPASSWD: /usr/bin/chmod [0-7][0-5][0-5] /testfolder/* chown: test ALL=(ALL) NOPASSWD: /usr/bin/chown test\:test /testfolder/* **Pipe** with sudo as non root (user1 has "user1 ALL=(ALL) NOPASSWD: ALL" entry in /etc/sudoers!): sudo sh -c "cat id_rsa.pub >> /home/user2/.ssh/authorized_keys"