User Environment..
John E Hein at work
jhein at timing.com
Thu Jun 14 16:44:12 EDT 2001
Mamnoon. Ovace (BVSG) wrote at 15:41 +0100 on Jun 14:
> I am trying to setup sudo on a Dec Unix system. Everything works well except
> I cant figure out how to solve the below problem.
>
> In addition to running a command as a different user, I need to be able to
> load that users environment before the command can be run.
>
> I need to use something analogous to "su - <user> -c <command>" , currently
> when I run "sudo -u <user> <command>" the result is similar to running "su
> <user> -c <command>"..
>
> Can anyone help..
sudo is not itself a shell. That is, it doesn't read .login,
.cshrc, .profile, .bashrc, etc., files.
To do that you typically would use a shell, but you can certainly
reinvent a shell-like program to try to read what the user wants for
an environment from some files.
Here's a couple examples:
1)
assuming the user keeps his env in ~/.profile for bourne
shell, here's one way:
sudo -u foo -H env ENV=${HOME}/.profile sh -c 'some_command args ...'
2)
if you don't know/care what their shell is:
sudo su - foo -c 'some_command args ...'
This assumes that Dec Unix understands 'su -' to simulate a full login
for the user. And it assumes that the shell that the user employs groks
'-c' to run the named command (sh does, csh does, tcsh does, ksh does;
but that doesn't mean that the user doesn't run some home grown shell
that might not understand -c).
3)
do it yourself...
sudo -H -u foo read_in_users_env_and_exec_a_named_cmd
The 'read_in_users_env_and_exec_a_named_cmd' would have to assume that the
user's env is in a certain file(s) and would have to make a guess as to
the style of the env in that file(s) (csh style or bourne shell style,
etc.). Or you could have people keep their env in a shell-language
independent ~/.env file that 'read_in_users_env_and_exec_a_named_cmd'
can parse.
Without getting into any more detail, you can see that #3 is a pain,
and that's probably one reason why sudo doesn't try to read users'
env from some file in the user's home dir. That's what shells are for.
I think #2 is really what you want. It still uses
"su - <user> -c <command>", but just has sudo as a front end.
More information about the sudo-users
mailing list