User Permitted To Run Command,execute Program As Root And After Execution, Exit Root

when a command is typed(i.e. /path/to/the/program), as a normal user, he should be able to run that command , execute that program as ROOT and log out root after the execution is completed.
Only one user should be able to do it.
Hence, I have created a new user vj and added the following command in visudo:
Code:
vj ALL=(ALL) NOPASSWD: /path/to/the/program

Now user vj will be able to typein the command.

What I need is that the program which is been called must run as if it is run by a root user,and when the program is completely executed, exit the root user.

How do I proceed?


Similar Content



Become A Root Wiht Public Key Access

Hello Everyone,

I have a question about how to give sudo privileges to a user that log in via public key without password.

I created a normal user and I added this user to the "visudo" folder with ALL privileges.

when the user is logged in the system via public key and the user wants to become a root, a password is requested but i don't want to type the password.

Also to add the public key to the root it is not possible because i track the user log in in the system and if they log via root i cannot do that.

Thank you in advance.

Why Should I Always Use Chmod When Not As A Root User

System Info:

I have normal user in CentOS 7 whose name is "mostafa" (the name of the account).

I naturally have another user called root with all privileges. User "mostafa" is put into sudoers file, too.

The OS is installed in VmWare, so the system is all mine.

Problem:

Now I create a file with touch file.sh and put a command in it, but when I want to run it with Code:
sudo ./file.sh

, an error is shown that the command Code:
./file.sh

does not exist. But if I Code:
 sudo chmod 777 ./file.sh

then it gets run. My question is that, why should I use Code:
chmod 777

when I myself have created the file, and I am in sudoers.

Can anyone explain me why shuold I still use Code:
sudo chmod 777

when the creator of the file is me.

Setting Root Password

Wow, I got my new Linux pc yesterday and it's very very fast. It's faster than my new MacBook.
So I go to the user account which also says administrator so I'm presuming that's the root owner?????? and I typed in my name and changed the password. The guy who sold it to me named the password user and the computer user. Yet when I go to the terminal my username and computer is still called user@user
How do I change the root password and computer name?

Setting Root Password

Wow, I got my new Linux pc yesterday and it's very very fast. It's faster than my new MacBook.
So I go to the user account which also says administrator so I'm presuming that's the root owner?????? and I typed in my name and changed the password. The guy who sold it to me named the password user and the computer user. Yet when I go to the terminal my username and computer is still called user@user
How do I change the root password and computer name?

Normal Linux User Recursively Write Access To Apache Document Root

I tried adding two users in apache group and given 775 permission to Document root but user is not able to write into files in DocumentRoot

Tried adding user and DocumentRoot Folder in sudo file but not able to do it recursively

please help


Thanks for reply,
I have already given chmod 775 -R DocumentRoot - for recursively writting permission
You have told to add user in www-data group and chmod 775 -R to DocumentRoot
usermod -a -G www-data <user1>

How can users in www-data can able to write in DocumentRoot which has apache:apache owner and group
please clarify...

Done below steps to solve this:
1) I have created a new group webdata and added required users in this group
2) set sticky bit to document root with below command
setfacl -m g:webdata:rwx -R /path/to/documentroot/
this command will set rwx permission to DocumentRoot so that members in webdata can have full access but still DocumentRoot user and group will be apache

What Exactly Is PATH

books say that PATH variable contains the locations where the shell searches the commands to execute them.

I created a shell script and saved it in /home/user/Downloads directory and then i ran this script from the /home/user/Downloads directory. It did not execute.

however when i did set the path
export PATH=$PATH:/bin/sh within /home/user/Downloads directory, the shell script executed. Does it not mean that PATH variable is holding the locations of the shell program rather than the commands that are to be executed?

everytime i have to give the location of the shell i.e /bin/sh in the PATH variable no matter from where i am executing my script

Setfacl Help

I can't believe I wrote a looong message and it logged me out when I tried to submit it.

So anyway, in short lines:

- I have a network of sites where all sites share same "images" folder
- I have created /home/_images/entities and symlinked it from all websites
- It works great with Apache, when I open /images/ on any of the sites I get list of images and can view them

The problem is suPHP which changes process ID of the PHP script to the file owner ID, so when I load site1.com, all scripts are executed as user1 (and files/folders created with those scripts belong to user1:user1). When I load site2.com, all scripts are executed as user2 (and files/folders created with those scripts belong to user2:user2). All these users do NOT belong to the same group, and I wouldn't like to change that as it is cPanel/WHM server so I'm afraid I'll screw something up if I change (primary?) group of all users.

Therefore I need to set it up in such way that all newly created folders and files under /home/_images/entities (owned by root) have read/write permissions for everyone.

Here's the command I used:

Code:
setfacl -Rdm o::rwx /home/_images/entities

To check it:
Code:
root@server1 [~]# getfacl /home/_images/entities/
getfacl: Removing leading '/' from absolute path names
# file: home/_images/entities/
# owner: root
# group: root
user::rwx
group::rwx
other::rwx
default:user::rwx
default:group::rwx
default:other::rwx

This looks fine, however when I try upload an image via site1.com it looks like this:

Code:
root@server1 [/home/_images/entities]# ls -l
total 24
drwxrwxrwx+ 5 root    root    4096 Jan 14 06:25 ./
drwxrwxrwx  5 root    root    4096 Jan 12 13:08 ../
drwxrwxr-x+ 3 user1   user1   4096 Jan 14 06:25 1/

And in folder "1" is the image (and thumbs folder):

Code:
root@server1 [/home/_images/entities/1]# ls -l
total 236
drwxrwxr-x+ 3 user1   user1     4096 Jan 14 06:25 ./
drwxrwxrwx+ 5 root    root      4096 Jan 14 06:25 ../
-rw-rw-rw-  1 user1   user1   225569 Jan 14 06:25 689048f221ab7c556f4d482a9d92b2d6.jpg
drwxrwxr-x+ 2 user1   user1   4096 Jan 14 06:25 thumbs/

My questions:

1) Why newly created folders do not have "write" permissions for everyone else [not user and/or group]? If I upload first image from site1.com, then I can't upload other images from any other site, while all sites can display them.

2) What is the + at the end of permissions list? (drwxrwxr-x+)

3) Why newly created files have only "rw" permissions for user, group AND everyone else, and not execute permissions? I don't actually need execute flag set here, but from my command you can see I've set "o::rwx" so it should be there (or not?)

Actually the real problem is #1 - other users can't write to this folder so users can't upload images from other sites nor other sites can create (missing) thumbnails.

Execute Script On Mysql Exit

Hello,

In debian I created a new user "myUser".

In /home/myUser/.profile

I added "mysql -u user -password"

So automatically after login to linux terminal the user is logged in mysql command line.

What I need to do is to exit terminal after user exit mysql, so he want have access to comand line.

Sending Mail From Command Line

I searched the forums for my title and I am not finding exactly what I am looking for. I am not using a program to send mail, such as Thunderbird or whatever. I simply want to be able to send mail from my Ubuntu 14.04 DESKTOP version for logging. I use a program called Logwatch (used alot in RHEL or CentOS) to monitor the server itself. The program sends mail to the root user account on the machine, which I can check and see, and within the program conf file, I can add an external email address, but it never sends.

I'm familiar with the SMTP concept of sending mail, outgoing mail server authentication, etc. I don't care to run this box as an SMTP server, but I understand that I need some sort of SMTP or MTA program to send mail into the real world. I tried Postfix but couldn't get that to work, and the Logwatch program wants to use sendmail, so I installed that but I am having the same issue. I am sure it is a step I am missing.

I also can't figure out how to get the 'mail' cmd from Terminal to work. I use this command:
Code:
mail -s "test" | /usr/sbin/mail myemail@domain.com

it follows through the subject, CC, body, but when I try to hit either . or CTRL-D, it never sends the email, in fact is does nothing.

I also tried sendmail with this command:
Code:
sendmail -v my@email.com < /dev/null

I was just trying to send a test email. It logs into my SMTP mail server, which I already configured, and it tells me to type out the mail, then end with a "." by itself on a single line. I try this and it just sits there.

I am missing SOMETHING when trying to actually send the mail. I can get it written with subject and body, connected, but it never sends and I am probably missing a / or something.

I did find and follow these instructions, but it still isn't working with sendmail. If I need to go back to Postfix, I can do that, I don't honestly care what I use, I just want some programs such as Logwatch to be able to email me.
http://stackoverflow.com/questions/1...mail-on-ubuntu

Sed: Transforming 'ls-laR' Output Into A List With Absolute Paths

Hello, this is my first post
First i would like to thank you all for answering other people questions because I've been able to learn from the forum a lot.

I need your help with something.
I have standard output from 'ls -laR /etc' command which looks like this:
Code:
/etc/X11/xorg.conf.d:
total 4
drwxr-xr-x. 2 root root  29 Apr  1 00:46 .
drwxr-xr-x. 5 root root  54 Apr  1 00:43 ..
-rw-r--r--. 1 root root 232 Apr  1 00:46 00-keyboard.conf

/etc/xdg:
total 12
drwxr-xr-x.  4 root root   36 Apr  1 00:43 .
drwxr-xr-x. 87 root root 8192 Apr 12 13:53 ..
drwxr-xr-x.  2 root root    6 Jun 10  2014 autostart
drwxr-xr-x.  2 root root   17 Apr  7 01:25 systemd

by using sed command:
Code:
sed -e '/./!d' -e '/^total/d' -e '/\.$/d' -e 's/:$/\//' list.txt

I have transformed it to the following form:

Code:
/etc/X11/xorg.conf.d/
-rw-r--r--. 1 root root 232 Apr  1 00:46 00-keyboard.conf
/etc/xdg/
drwxr-xr-x.  2 root root    6 Jun 10  2014 autostart
drwxr-xr-x.  2 root root   17 Apr  7 01:25 systemd

and now I would like to achieve absolute paths at the end of each row

Code:
-rw-r--r--.  1 root root  232 Apr  1 00:46 /etc/X11/xorg.conf.d/00-keyboard.conf
drwxr-xr-x.  2 root root    6 Jun 10  2014 /etc/xdg/autostart
drwxr-xr-x.  2 root root   17 Apr  7 01:25 /etc/xdg/systemd


How do I join(merge) filenames with corresponding absolute path to their parent directory?



I know how to extract filenames using awk and get this:
Code:
00-keyboard.conf

autostart
systemd

but I don't know what to do next. Should I use some hitech sed option or go for loop or try with arrays? Help. Heeeelp