Find the answer to your Linux question:
Results 1 to 3 of 3
Say you want to write scripts that will run every night, every week, or every month as a cron job. The problem is, you do not want to run them ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jan 2006
    Posts
    43

    Exclamation limited user account - ideas?


    Say you want to write scripts that will run every night, every week, or every month as a cron job. The problem is, you do not want to run them as root. I need your thoughts on how you would create a user that has just enough privileges to run a certain type of files, such as script files. Overall, just wanting to get some ideas on how you would implement a limited user for executing scripts.

    Let me know what you guys think

  2. #2
    Linux Guru Cabhan's Avatar
    Join Date
    Jan 2005
    Location
    Seattle, WA, USA
    Posts
    3,252
    Well, first off, you could always write a cron job as a regular user.

    One thing that you might try is creating a user but not assigning him a password. root will be able to su to that user (thus allowing him to execute cron), but no one else will be able to.

    If you want a real implementation of this, I'd go for a chroot jail. Only provide --x access to the scripts you want him to access, and keep everything out of his reach.

    Having said that, I've never had to do anything like this, so there may be better ideas.

  3. #3
    Just Joined!
    Join Date
    Jan 2006
    Posts
    43
    Quote Originally Posted by Cabhan
    Well, first off, you could always write a cron job as a regular user.

    One thing that you might try is creating a user but not assigning him a password. root will be able to su to that user (thus allowing him to execute cron), but no one else will be able to.

    If you want a real implementation of this, I'd go for a chroot jail. Only provide --x access to the scripts you want him to access, and keep everything out of his reach.

    Having said that, I've never had to do anything like this, so there may be better ideas.
    I am thinking more on the "permissions" side of things. Chrooting the user would be WAY overkill. Just wondering what shell, home directory, and set permissions one would set for this "limited" user.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •