How do I run a command as a different user from a root cronjob?

cron root sudo nfs
33,779

Solution 1

su --shell=/bin/bash --session-command="/path/to/command -argument=something" username &

Works for me (CentOS)

Solution 2

Use su instead of sudo:

su -c "rsync ..." apache

Solution 3

By default on RHEL, sudo isn't allowed for processes without a terminal (tty). That's set in /etc/sudoers.

You can allow tty-less sudo for particular users with these instructions:

https://serverfault.com/questions/111064/sudoers-how-to-disable-requiretty-per-user

Solution 4

If you want to permanently enable you to fiddle around as apache:

chsh apache

this allows you to change the shell for the user

Solution 5

place it in /etc/crontab and specify apache instead of root in the user field

Share:
33,779

Related videos on Youtube

rob
Author by

rob

Updated on July 09, 2022

Comments

  • rob
    rob almost 2 years

    I seem to be stuck between an NFS limitation and a Cron limitation.

    So I've got root cron (on RHEL5) running a shell script that, among other things, needs to rsync some files over an NFS mount. And the files on the NFS mount are owned by the apache user with mode 700, so only the apache user can run the rsync command -- running as root yields a permission error (NFS being a rare case, apparently, where the root user is not all-powerful?)

    When I just want to run the rsync by hand, I can use "sudo -u apache rsync ..." But sudo no workie in cron -- it says "sudo: sorry, you must have a tty to run sudo".

    I don't want to run the whole script as apache (i.e. from apache's crontab) because other parts of the script do require root -- it's just that one command that needs to run as apache. And I would really prefer not to change the mode on the files, as that will involve significant changes to other applications.

    There's gotta be a way to accomplish "sudo -u apache" from cron??

    thanks! rob

    • Robert Deml
      Robert Deml almost 15 years
      Might be better served by moving this to SuperUser.com.
    • BryKKan
      BryKKan over 6 years
      This is an old question, but still found it pretty high in search ranks, and none of the answers address why root permissions didn't apply to the NFS mount. For anyone else stumbling on this, the reason is root_squash. This blog has a pretty decent explanation for why that option is necessary and usually set by default. fullyautolinux.blogspot.com/2015/11/…
  • rob
    rob almost 15 years
    Yes! But no. The apache user does not have a regular login shell, so the su -c syntax only returns "This account is currently not available". And altering the apache user's passwd entry for this purpose seems like a bad idea. Hm, I guess this question should be titled "How do I run a command as the apache user from a root cronjob?" And maybe it can't be done without introducing security holes?
  • Jukka Matilainen
    Jukka Matilainen almost 15 years
    Does it help if you explicitly specify the shell to be used with the -s switch (for example -s /bin/sh)? At least on Ubuntu this seems to help if the user in question does not have a valid shell in /etc/passwd.
  • Steve Tauber
    Steve Tauber almost 12 years
    I had to add export TERM=xterm; before my command inside the --session-command variable. Thus, I ended up with su --shell=/bin/bash --session-command="export TERM=xterm; /path/to/command -argument=something" username &
  • Lambart
    Lambart over 10 years
    Does not work on Ubuntu (12.04) as the su command doesn't support the --session-command option.
  • NoelProf
    NoelProf over 10 years
    to clarify the answer, in root's crontab, add the su --shell=/bin/bash --session-command="/path/to/command -argument=something" username

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Cron job as root need to sudo to another user
System Crontab or Root Crontab
Open file or application as root from GUI
How to run sudo command as root?
How to execute os.* methods as root?
Arch Linux sudo: command not found
Is the "--no-scripts" option enough to account for the security concerns about running composer as root?
Allow bash script to be run as root, but not sudo
How to add my user account to admin group (13.10 desktop)
Create zip files in /var/www/html using crontabs