38

I am working on automating the creation of subversion repositories and associated websites as described in this blog post I wrote. I am running into issues right around the part where I su to the www-data user to run the following command:

svnadmin create /svn/repository

There is a check at the beginning of the script that makes sure it is running as root or sudo, and everything after that one command needs to be run as root. Is there a good way to run that one command as www-data and then switch back to root to finish up?

Brendon Dugan
  • 493
  • 1
  • 4
  • 6

4 Answers4

72

With 'su' is probably that request a password, and www-data doesn't have password. I recommend the command sudo:

 sudo -u www-data command

The condition is that your user must be root, or configurated in the sudoers file

futbolsalas15
  • 821
  • 1
  • 6
  • 3
42

Just use su - www-data -c 'svnadmin create /svn/repository' in your script run by root. So that only this command is run by www-data user.


Update for future viewers:

In case you receive a "This account is currently not available" error, consider using:

su - www-data -s /bin/bash -c 'svnadmin create /svn/repository'

( @Petr 's valuable mention about -s flag to accommodate www-data user's no login policy )

Iceman
  • 153
  • 1
  • 4
johnshen64
  • 5,747
  • 23
  • 17
  • 1
    Yeah, it appears I forgot a basic rule of scripting... RTFM. Thanks! – Brendon Dugan May 10 '12 at 18:18
  • 17
    Trying this, I get the error `This account is currently not available.` – rubo77 Nov 21 '15 at 12:10
  • I also get this error, but futbolsalas15's answer below works fine. – Andrew Feb 05 '16 at 04:00
  • 20
    Use `su - www-data -s /bin/bash -c 'your_command'` to make this work. User www-data has shell `/usr/sbin/nologin` so without the `-s` parameter it leads to the error message. – Petr Feb 19 '16 at 11:53
5

2 Possible approaches:


1) sudo command:

In most cases you will have access to the sudo command and so the solution is simply:

sudo -u target_user target_command


2) su command (if sudo not installed. Ex. alpine-linux images):

su - target_user -c 'target_command'

In case you receive a 'This account is currently not available' error, the user has a no login (shell access) policy in effect. If so, consider using:

su - target_user -s /bin/bash -c 'target_command'

(Based on @Petr 's valuable comment about -s flag to accommodate www-data user's no login policy)

Iceman
  • 153
  • 1
  • 4
3

Use su:

   su [options] [username]

   The options which apply to the su command are:

   -c, --command COMMAND
       Specify a command that will be invoked by the shell using its -c.
MikeyB
  • 38,725
  • 10
  • 102
  • 186
  • 3
    It should be noted that su commands don't work with accounts that have disabled logins (such as www-data). You'll have to use sudo. – Frantumn Jun 02 '17 at 14:46