Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

Confusion with "su -c" and quotes, user context switching?

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Confusion with "su -c" and quotes, user context switching?
# 1  
Old 05-28-2013
Confusion with "su -c" and quotes, user context switching?
Trying to execute commands for different Unix user with that user's environment variable context without fully switching as that user using sudo && su capabilities.
Hoping this would help with security and not having to waste time switching between 10 different app users on same server.

I do not understand why 'ls' command would not get executed, but 'ls -l' would from below output!?..
Does anyone know why?

( Using solaris8, ksh Version: M-11/16/88 )
Code:
 
/home/userA>sudo -l
(root) /usr/bin/su - userB *
 
/home/userA>sudo /usr/bin/su - userB '/bin/ls' 
ksh: ls: cannot execute
 
# double quotes do not make any difference
/home/userA>sudo /usr/bin/su - userB "/bin/ls"
ksh: /bin/ls: cannot execute
 
 # Here " -c " option makes this work !
/home/userA>sudo /usr/bin/su - userB -c '/bin/ls'
folderA folderB fileA fileB ...
 
# giving command options make this work.. why?
/home/userA>sudo /usr/bin/su - userA '/bin/ls -l' 
drwxr-x--x 8 userB groupX 8192 Jan 1 00:20 BKUP
..........

Please explain what difference does "-c" really make?
I am able to execute commands as a sudo userB and his env variables(.profile, .login etc) without "-c" option as well.

[QUOTE]
/home/userA> man su
.........
Example 2: Becoming User bin and Changing to bin's Login
Environment
To become user bin but change the environment to what would
be expected if bin had originally logged in, execute:
example% su - bin
Example 3: Executing command with user bin's Environment and
Permissions
To execute command with the temporary environment and per-
missions of user bin, type:
example% su - bin -c "command args"
[/QUOTE]
Last edited by kchinnam; 05-28-2013 at 09:02 PM.. Reason: formatting
# 2  
Old 05-28-2013
This is how I do it:

Code:
 
su -c 'command-to-be-run-under-new-user' new-user

# 3  
Old 05-28-2013
I just tried your way of doing it,, it seems even worse, at least on my server..
Code:
 
/home/userA>sudo /usr/bin/su -c '/bin/ls -l' userB
Sorry, user userA is not allowed to execute '/usr/bin/su -c /bin/ls -l userB' as root on serverX.

Most of the commands I tested so far are working fine with either --> su - <userid> '<command>' or su -c <userid> '<command>'.

My problem is why a simple command like 'ls' would not work but 'ls -l' does, making this a scary half baked solution..
# 4  
Old 05-28-2013
Quote:
Originally Posted by kchinnam
Code:
  
/home/userA>sudo /usr/bin/su - userB '/bin/ls' 
ksh: ls: cannot execute

That's asking ksh to interpret ls, which it cannot do because /bin/ls is not a ksh script; it's a binary executable.

Compare
Code:
ksh /bin/ls

versus
Code:
ksh -c /bin/ls

Regards,
Alister
This User Gave Thanks to alister For This Post:
kchinnam
# 5  
Old 05-29-2013
Got it.
ksh man page is more clear about what ' -c ' does ---->
Code:
 -c command-string the shell executes the command(s) contained in command-string

If I put a space character after 'ls', its working, does space tell shell that its not a script, but its a command !?
Code:
 
/home/userA>ksh 'ls'    
ksh: ls: cannot execute
/home/userA>ksh 'ls '
folderA folderB fileA fileB ...

Last edited by kchinnam; 05-29-2013 at 12:46 AM.. Reason: updated statements
# 6  
Old 05-30-2013
This is indeed an undocumented(?) feature of ksh,
and is also implemented in pdksh. (But not implemented in sh,bash,zsh.)
Code:
ksh "command args"

behaves like
Code:
ksh -c "command args"

and it is sufficient to provide a space without args
Code:
ksh "command "

But better use the explicit -c because it works with all shells!
These 2 Users Gave Thanks to MadeInGermany For This Post:
alister kchinnam
# 7  
Old 06-03-2013
Appreciate you taking time to clarify this.. I will make a note of it and use 'su -c'.
Last edited by kchinnam; 06-03-2013 at 08:19 AM.. Reason: grammar
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Bash script - Print an ascii file using specific font "Latin Modern Mono 12" "regular" "9"

Hello. System : opensuse leap 42.3 I have a bash script that build a text file. I would like the last command doing : print_cmd -o page-left=43 -o page-right=22 -o page-top=28 -o page-bottom=43 -o font=LatinModernMono12:regular:9 some_file.txt where : print_cmd ::= some printing... (1 Reply)
Discussion started by: jcdole
1 Replies

2. UNIX for Dummies Questions & Answers

Using "mailx" command to read "to" and "cc" email addreses from input file

How to use "mailx" command to do e-mail reading the input file containing email address, where column 1 has name and column 2 containing “To” e-mail address and column 3 contains “cc” e-mail address to include with same email. Sample input file, email.txt Below is an sample code where... (2 Replies)
Discussion started by: asjaiswal
2 Replies

3. UNIX for Dummies Questions & Answers

What is the significance of sh -s in ssh -qtt ${user}@${host} "sh -s "${version}"" < test.sh?

Please can you help me understand the significance of providing arguments under sh -s in > ssh -qtt ${user}@${host} "sh -s "${version}"" < test.sh (4 Replies)
Discussion started by: Sree10
4 Replies

4. UNIX for Dummies Questions & Answers

Egrep confusion with "I" and "-I" pattern

I am executing following command egrep -w I filename.txt the filename.txt has following data .... -I 07-18 08:31:19.924 9880 6 SessionManager ConnectConfig: ConfigurationWebService LoginResults=SuccessfulLogin I am so hungry that I need to eat I expect egrep to print only the second... (1 Reply)
Discussion started by: VBG
1 Replies

5. Shell Programming and Scripting

awk command to replace ";" with "|" and ""|" at diferent places in line of file

Hi, I have line in input file as below: 3G_CENTRAL;INDONESIA_(M)_TELKOMSEL;SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL My expected output for line in the file must be : "1-Radon1-cMOC_deg"|"LDIndex"|"3G_CENTRAL|INDONESIA_(M)_TELKOMSEL"|LAST|"SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL" Can someone... (7 Replies)
Discussion started by: shis100
7 Replies

6. Shell Programming and Scripting

Removal of comma(,) present inbetween double quotes(" ")

Hi Experts, I have a file with some of the records contain double quotes. If I found a double quote(") in any particular record , I need to look for the next double quote in that particular record and in between these quotes, if any comma(,) is there I need to replace with Tilde (~) in the same... (12 Replies)
Discussion started by: vsairam
12 Replies

7. Shell Programming and Scripting

comparing scalars contaning "DOUBLE QUOTES" as data

Hello to all, Does anyone know the solution ? Two strings A and B are present. I want to check whether B is a Substring of A. 1. The value of A is - 29 * * * /bin/ls "test" "tmp*" "log*" (Note: Pl note that A contains DOUBLEQUOTES, ASTERISK & FRONTSLASH) 2. The value of B is -... (5 Replies)
Discussion started by: rssrik
5 Replies

8. UNIX for Dummies Questions & Answers

Explain the line "mn_code=`env|grep "..mn"|awk -F"=" '{print $2}'`"

Hi Friends, Can any of you explain me about the below line of code? mn_code=`env|grep "..mn"|awk -F"=" '{print $2}'` Im not able to understand, what exactly it is doing :confused: Any help would be useful for me. Lokesha (4 Replies)
Discussion started by: Lokesha
4 Replies

9. Shell Programming and Scripting

communicating wth another user aside from "wall" and "write"

Hi, Can anyone suggest a Unix command or c-shell algorithm to simulate to behavior of "wall" command minus the "all users"? What I'm trying to do is to send a notice to just one particular user but i dont want other remotely-logged-on users to receive the message (on the pseudo-terminals). I... (6 Replies)
Discussion started by: Deanne
6 Replies
Login or Register to Ask a Question