running su from a bash script

[caminoix]

hello

i'd like to write a script that would perform something as root but could be run by any user.
i've tried simply putting "su" into it but the script exits immediatel after i enter the password. "sudo" says i don't have the permission required.
how can i prompt for the root password, execute a root-only command and come back to the normal user from inside one script?

[Roxoff]

There are a couple of potential solutions here. You can use the sudo command so the users use 'sudo <bash_script>' to use the script, or you can set the ownership and sticky bit on the script so it always runs as root. For safety's sake you should use sudo.

[moonman89]

There are a couple of potential solutions here. You can use the sudo command so the users use 'sudo <bash_script>' to use the script, or you can set the ownership and sticky bit on the script so it always runs as root. For safety's sake you should use sudo.

I may be wrong, but as far as im aware, you would also have to add the users into the sudoers file.
cheers,
Nathan

[spoon!]

or you can set the ownership and sticky bit on the script so it always runs as root. For safety's sake you should use sudo.

You mean the setuid bit. If your script is written properly, there should be no security problems with the setuid bit, since many system programs, like su, sudo, passwd, etc., all function using the setuid bit.

[Dolda2000]

you can set the ownership and sticky bit on the script so it always runs as root.

That would be the SUID bit, not the sticky bit. However, that wouldn't work. For whatever strange reason, Linux only honors SUID/SGID on a.out and ELF files, not interpreted files...

[anomie]

For whatever strange reason, Linux only honors SUID/SGID on a.out and ELF files, not interpreted files...

Can't seem to locate a credible reference at the moment, but I remember reading that as of some kernel revision, support was dropped for the SUID bit on interpreted files (e.g. shell scripts).

The reason was/is that it is too difficult to harden these sufficiently.

[anomie]

... there should be no security problems with the setuid bit, since many system programs, like su, sudo, passwd, etc., all function using the setuid bit.

FWIW, the Bastille hardening program (http://www.bastille-linux.org/) recommends removing SUID bits even from a number of binaries, so they're definitely viewed as a security risk in some cases.

[mannahazarika]

Even I need the solution of this.

I have written a shell script to find the system information. For viewing certain information, it needs root priviledge.

So instead of throwing an error message, instructing the user to run it as root, what I want is that it should ask for the root password and after the jobs done it should exit the root mode. Isn't there any way to do it?

[valan]

The best way is probably to set it up in sudoers and run it with sudo. Or I think the -c option to su allows you to run a command as the other user.

[chuks]

[QUOTE=caminoix]hello

Hello Sir pls i am a beginger in linux,i have suse 9.0 now i installed it on my system but is not configured so have will i do the configuration on my system pls.You can send the spets to me with this E-mail address (chuksetunwa@yahoo.com)pls. sir.both the commands pls.

Thanks for helping me.
Yours friend Chuks.