SCIENTIFIC-LINUX-USERS Archives

April 2014

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: How do I elevate in a script?
From:
olli hauer <[log in to unmask]>
Reply To:
olli hauer <[log in to unmask]>
Date:
Wed, 30 Apr 2014 20:33:22 +0200
Content-Type:
text/plain
Parts/Attachments:
text/plain (27 lines) 
On 2014-04-30 20:02, ToddAndMargo wrote:
> On 04/30/2014 10:38 AM, Jeffrey Anderson wrote:
>> It seems to me that having a shell script prompt for the root password
>> is a recipe for disaster, but you can easily check to see if the user is
>> already root, and bail if not.
>>
> 
> That is what I currently do.  I am just wanting to get fancy:
> 
> if [ -z "`/usr/bin/whoami | grep root`" ]; then
>    echo ""
>    # ErrorSound
>    echo 'Dude!  You must be root to do this.'
>    echo "Try"
>    echo "    su root -c \"updateffth $1\""
>    echo 'Exiting.   Bummer ...'
>    echo ""
>    Pause
>    exit 1
> fi
> 

sudo has the charm to create log entries, and can be easily automated.

What I miss in your example is a syslog call that someone unauthorized tried to execute the script.
Also I would replace pause with `sleep $num' or `read -t $num DUMMY' so in case the script is executed by cron it doesn't wait for a signal.

ATOM RSS1 RSS2