使用 sudo 运行时获取 shell 脚本
我想编写一个 shell 脚本来设置 Mercurial 存储库,并允许组中的所有用户 “开发人员”执行此脚本。
该脚本由用户“hg”拥有,运行时工作正常。当我尝试运行它时出现问题 对于另一个用户,使用 sudo,当它尝试获取另一个文件时,执行会因“权限被拒绝”错误而停止。
有问题的脚本文件:
create_repo.sh
#!/bin/bash
source colors.sh
REPOROOT="/srv/repository/mercurial/"
... rest of the script ....
create_repo.sh 和colors.sh 的权限:
-rwxr--r-- 1 hg hg 551 2011-01-07 10:20 colors.sh
-rwxr--r-- 1 hg hg 1137 2011-01-07 11:08 create_repo.sh
Sudoers 设置:
%developer ALL = (hg) NOPASSWD: /home/hg/scripts/create_repo.sh
我要运行的内容:
user@nebu:~$ id
uid=1000(user) gid=1000(user) groups=4(adm),20(dialout),24(cdrom),46(plugdev),105(lpadmin),113(sambashare),116(admin),1000(user),1001(developer)
user@nebu:~$ sudo -l
Matching Defaults entries for user on this host:
env_reset
User user may run the following commands on this host:
(ALL) ALL
(hg) NOPASSWD: /home/hg/scripts/create_repo.sh
user@nebu:~$ sudo -u hg /home/hg/scripts/create_repo.sh
/home/hg/scripts/create_repo.sh: line 3: colors.sh: Permission denied
因此脚本被执行,但在尝试包含其他脚本时停止。
我也尝试过使用:
user@nebu:~$ sudo -u hg /bin/bash /home/hg/scripts/create_repo.sh
给出相同的结果。
如果脚本可以通过 sudo 使用不同的用户运行,那么包含另一个 shell 脚本的正确方法是什么?
I would like to write a shell script that sets up a mercurial repository, and allow all users in the group
"developers" to execute this script.
The script is owned by the user "hg", and works fine when ran. The problem comes when I try to run it
with another user, using sudo, the execution halts with a "permission denied" error, when it tries to source another file.
The script file in question:
create_repo.sh
#!/bin/bash
source colors.sh
REPOROOT="/srv/repository/mercurial/"
... rest of the script ....
Permissions of create_repo.sh, and colors.sh:
-rwxr--r-- 1 hg hg 551 2011-01-07 10:20 colors.sh
-rwxr--r-- 1 hg hg 1137 2011-01-07 11:08 create_repo.sh
Sudoers setup:
%developer ALL = (hg) NOPASSWD: /home/hg/scripts/create_repo.sh
What I'm trying to run:
user@nebu:~$ id
uid=1000(user) gid=1000(user) groups=4(adm),20(dialout),24(cdrom),46(plugdev),105(lpadmin),113(sambashare),116(admin),1000(user),1001(developer)
user@nebu:~$ sudo -l
Matching Defaults entries for user on this host:
env_reset
User user may run the following commands on this host:
(ALL) ALL
(hg) NOPASSWD: /home/hg/scripts/create_repo.sh
user@nebu:~$ sudo -u hg /home/hg/scripts/create_repo.sh
/home/hg/scripts/create_repo.sh: line 3: colors.sh: Permission denied
So the script is executed, but halts when it tries to include the other script.
I have also tried using:
user@nebu:~$ sudo -u hg /bin/bash /home/hg/scripts/create_repo.sh
Which gives the same result.
What is the correct way to include another shell script, if the script may be ran with a different user, through sudo?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
可能发生的情况是,脚本尝试在当前目录中
source文件colors.sh并失败,因为它无权读取当前目录,因为sudo。尝试使用
source /home/hg/scripts/colors.sh。What is probably happening is that the script tries to
sourcethe filecolors.shin the current directory and fails because it doesn't have permission to read your current directory because ofsudo.Try using
source /home/hg/scripts/colors.sh.