1
1
Using CentOs, I want to run a script as user 'training' as a system service. I use daemontools to monitor the process, which needs a launcher script that is run as root:
:
#!/bin/bash exec >> /var/log/training_service.log 2>&1 setuidgid training training_command
This last line is not good enough since for training_command, we need environment for training user to be set.
:
su - training -c 'training_command'
gives '
standard in must be tty
' as su making sure tty is present to potentially accept password. I know I could make this disappear by modifying /etc/sudoers a la Bash & 'su' script giving an error "standard in must be a tty" but i am reluctant and unsure of consequences.:
runuser - training -c 'training_command'
gives
runuser: cannot set groups: Connection refused
. I found no sense or resolution to this message.:
ssh -p100 training@localhost 'source $HOME/.bashrc; training_command'
I get Host key verification failed.
(the host key IS in known_hosts, etc).
Note: all of 2,3,4 work as they should if I run the wrapper script from a root shell. problems only occur if the system service monitor (daemontools) launches it (no tty terminal I guess).
I am stuck. Is this something so hard to achieve?
I appreciate all insight and guidance to best practice.
how about setuid/setgid flags? – Sampo Sarrala - codidact.org – 2012-06-08T10:52:23.030
@Sampo would you mind elaborating? as I said setuidgid not enough cos I need env. or you mean that flag on runuser? – Viktor Trón – 2012-06-08T10:57:19.643
I republished this as http://serverfault.com/questions/397031/run-script-as-another-user-from-a-root-script-with-no-tty-stdin
– Viktor Trón – 2012-06-12T19:12:34.563