Difference between su -c and runuser -l -c

7

3

I need to run some command lines as a particular user in a shell script.

I've found (at least) two ways:

su user -c 'command'

runuser -l user -c 'command'

Is there a significant difference between these two commands?

Getz

Posted 2016-04-07T12:25:32.280

Reputation: 261

1 Are you root when you're running them? If not, runuser might not be able to do what you want. You have to run it as a user who has the privs to set the UID to the target user, while su will handle that for you. – Eric Renouf – 2016-04-07T12:30:32.677

From man runuser: "The difference between the commands runuser and su is that runuser does not ask for a password (because it may be executed by the root user only) and it uses a different PAM configuration." – AFH – 2016-04-07T12:32:10.007

1 @EricRenouf Yes, I'm root. – Getz – 2016-04-07T12:32:09.860

1 @AFH As root, su doesn't ask for a password either. – Getz – 2016-04-07T12:41:30.380

... which means that as root there is little difference, apart from the PAM configuration. – AFH – 2016-04-07T15:36:23.603

Answers

7

As already written in the question comments, runuser is basically a su that doesn't use the PAM stack.

To provide a little more detail, as per a blog post by Dan Walsh - one of the runuser authors - it seems that runuser is actually compiled from su sources except with the PAM stack excluded from compilation. The difference is that using runuser instead of su can prevent some SELinux errors. That post also says this:

Whenever a service is running as root and wants to change UID using the shell it should use runuser.

When you are logged in to a shell as a user and want to become root, you should use su. (Or better yet sudo)

Radek Liska

Posted 2016-04-07T12:25:32.280

Reputation: 163
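
One way a root-run script could apply the advice quoted in the answer, while handling the non-root case raised in the comments (an added example, not part of the original question or answer). The names `pick_switch_tool`, `run_as`, `RUN_AS_UID` and `RUN_AS_PATH` are hypothetical and introduced here; the fallback to su when runuser is not installed is an assumption of this sketch.

```shell
#!/bin/sh
# Added example. RUN_AS_UID and RUN_AS_PATH are hypothetical overrides
# (not part of su or runuser) so the logic can be tested without root.

# Print the program to switch users with; fail if the caller is not root.
pick_switch_tool() {
    uid=${RUN_AS_UID:-$(id -u)}
    if [ "$uid" -ne 0 ]; then
        # runuser may be executed by root only, and su would prompt for
        # a password, which an unattended script cannot answer.
        echo "run_as: must be root (uid is $uid)" >&2
        return 1
    fi
    search=${RUN_AS_PATH:-$PATH}
    # Prefer runuser; fall back to su where runuser is not installed.
    tool=$(PATH=$search; command -v runuser 2>/dev/null) || tool=su
    printf '%s\n' "$tool"
}

# run_as USER COMMAND [login]
# COMMAND is one string handed to the target user's shell via -c.
# "login" adds -l, as in the question's runuser form.
run_as() {
    target=$1 command_string=$2 mode=${3:-}
    switch_tool=$(pick_switch_tool) || return 1
    if [ "$mode" = login ]; then
        "$switch_tool" -l "$target" -c "$command_string"
    else
        "$switch_tool" "$target" -c "$command_string"
    fi
}
```

Because the function refuses to run when the caller is not root, a script using it fails immediately instead of stalling on a password prompt from su.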