SCIENTIFIC-LINUX-USERS Archives

April 2014

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

From: Nico Kadel-Garcia <[log in to unmask]>
Date: Wed, 30 Apr 2014 10:36:29 -0400

On Wed, Apr 30, 2014 at 3:35 AM, Matthieu Guionnet
<[log in to unmask]> wrote:
> Hi Todd,
> why don't you just use setuid ?
> http://en.wikipedia.org/wiki/Setuid

Because the kernel does not permit this for scripts.

           http://www.krenel.org/setuid-and-shell-scripts-explained/

Setuid shell scripts are begging to have environment variables set to
abuse their suid privileges. There are *compelling* security reasons
not to permit it.


> You just change the script owner or group to root.
> And put the s bit with the chmod command.
> That's all.
>
> Matthieu.
>
> On Tuesday 29 April 2014 at 13:22 -0700, ToddAndMargo wrote:
>> On 04/29/2014 12:37 PM, Mark Whidby wrote:
>> > On Tue, 2014-04-29 at 12:20 -0700, ToddAndMargo wrote:
>> >> Hi All,
>> >>
>> >> I have a bash script that needs to be run as root.
>> >> In the script, I check to see if it is running as
>> >> root and flag the user to run appropriately.
>> >>
>> >> Is there a way to use "su" to prompt for the password
>> >> and continue the script if successful? (I would test for
>> >> $? after the prompt.)
>> >>
>> >> Currently "su" will just open a new shell as root.
>> >>
>> >> I can run a command inside "su", but what about the
>> >> other 200 lines of code?  :'(
>> >
>> > An interesting problem :-)
>> >
>> > Something like this seems to work but I haven't thought through
>> > the consequences of it, so be aware:
>> >
>> > -----cut here-----
>> > #!/bin/sh
>> >
>> > this_script=$(basename "$0")
>> >
>> > if [ "$(id -u)" -ne 0 ]
>> > then
>> >    echo "Enter root's password"
>> >    su -c "./$this_script"
>> >    exit
>> > fi
>> >
>> > echo "Hello world"
>> > echo "Running as $(id -u)"
>> > -----cut here-----
>> >
>> > You probably need to do something with $PATH to obviate the
>> > need for the "./" on the su line.
>> >
>>
>> Hi Mark,
>>
>> I get it.  Fascinating!
>>
>> If not root, call myself a second time with "su"
>>
>> Thank you!
>>
>> -T
>>
>
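
Added example, not part of the thread: because the kernel ignores the setuid bit on interpreter scripts, a file that carries the bit and starts with `#!` usually means someone tried the chown/chmod approach quoted above and is worth reviewing. The function name `find_suid_scripts` is an assumption made for this sketch.

```shell
#!/bin/sh
# Audit helper (added example): list regular files under a directory that
# have the setuid or setgid bit set AND begin with "#!", i.e. interpreter
# scripts on which the kernel will not honour the bit.

find_suid_scripts() {
    dir=$1
    # -xdev: stay on one filesystem; -perm -4000 / -2000: setuid / setgid.
    # Files are handed to an inner sh via -exec ... {} + so that unusual
    # file names (spaces, newlines) are passed as intact arguments.
    find "$dir" -xdev -type f \( -perm -4000 -o -perm -2000 \) -exec sh -c '
        for f do
            # Read the first two bytes as hex so that NUL bytes in real
            # binaries cannot upset the shell. 23 21 is "#!".
            magic=$(dd if="$f" bs=1 count=2 2>/dev/null |
                    od -An -tx1 | tr -d " \n")
            if [ "$magic" = "2321" ]; then
                printf "%s\n" "$f"
            fi
        done' sh {} + 2>/dev/null
}

# Stand-alone use: pass the directory to audit as the first argument.
if [ -n "${1:-}" ]; then
    find_suid_scripts "$1"
fi
```

Any path it prints has a mode bit that does nothing on Linux; clear it with `chmod u-s,g-s` and grant the privilege another way, such as the `su` re-exec discussed in the thread.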
