I have a node js script that listens on a certain port.
If this script receives a json file it needs to execute a deploy script in a users home dir.
The node script runs under node_user.
The homedir is user_b.
I set up an acl so that user 'node_user' can access user 'user_b' dir and execute the deploy script.
setfacl -m u:node_user:rx deploy.sh
also set the uid on the deploy script so it should be execute under the user it is owned by (user_b): chmod u+s deploy.sh
when i test it the deploy script is executed so sufficient rights there but the script is still being executes as node_user and not as its owner (user_b)
i verified this with: watch -n1 'lsof | grep deploy.sh'
I'm wondering if anyone knows why it doesnt work as expected.
stat deploy.sh
File: ‘deploy.sh’
Size: 918 Blocks: 8 IO Block: 4096 regular file
Device: fd00h/64768d Inode: 25242546 Links: 1
Access: (4750/-rwsr-x---) Uid: ( 1003/ user_b) Gid: ( 1005/ user_b)
getfacl deploy.sh:
# file: deploy.sh
# owner: user_b
# group: user_b
# flags: s--
user::rwx
user:node_user:r-x
group::r-x
mask::r-x
other::---