How to run a command as a specific user in an init script?
On RHEL systems, the /etc/rc.d/init.d/functions
script is intended to provide similar to what you want. If you source that at the top of your init script, all of it's functions become available.
The specific function provided to help with this is daemon
. If you are intending to use it to start a daemon-like program, a simple usage would be:
daemon --user=username command
If that is too heavy-handed for what you need, there is runuser
(see man runuser
for full info; some versions may need -u
prior to the username):
/sbin/runuser username -s /bin/bash -c "command(s) to run as user username"
Switch user in a init script?
I use this:
su -l $MUSER -c "myCommand args..."
Update: Since there is interest in this answer, I explain the way I use it here.
We run servers as normal linux users, not root. The username contains three parts:
service, customer, stage
This way we can run several services for several customers in one linux OS.
Example: foo_bar_p Service "foo" of customer "bar" and "p" means production
Here is the part of the init script. The init script can be executed as root or as foo_bar_p user:
# /etc/init.d/foo_bar_p-celeryd
# scriptname contains linux username
SCRIPT_NAME=`basename "$0"`
SYSTEM=${SCRIPT_NAME%*-celeryd}
U=`id -nu`
if [ ! $U == $SYSTEM ]; then
if [ $U == "root" ]; then
# use "-l (login)" to delete the environment variables of the calling shell.
exec su -l $SYSTEM -c "$0 $@"
fi
echo "Script must be run from $SYSTEM or root. You are '$U'"
rc_exit 1
fi
# OK, now I am foo_bar_p
cd
. $HOME/.bashrc
....
How to make my init.d script change users
Check out the following link for the 'DJB' way of starting up processes as other users:
http://thedjbway.b0llix.net/daemontools/uidgid.html
Also, see:
How to run a command as a specific user in an init script?
how to run a bash script at startup with a specific user on Ubuntu 12.04 (stable)
This may not be the best answer, but it is how I decided to complete this task:
Exactly as this post here:
how to run script as another user without password
I did use rc.local to initiate the process at startup. It seems to be working quite well.
Run Startup Script as another Windows user on Google Compute Engine
The account nt authority\system
is a built-in system account that is part of the Administrators group. This account is not a user. Google Compute Engine instances run startup scripts as this account.
Your question is not clear on what you mean by Administrator
account. This term is often used to mean a) The User Account named Administrator and b) An account with elevated permissions.
The startup system account is an Administrator, but it is not the user account named Administrator. These are different concepts. I do not recommend that you run scripts that require access to the user named Administrator. Instead, design your startup scripts to perform the tasks required as part of the system account.
Note that administrator accounts can have any name. The usage of Administrator
is a convention only. Startup scripts are not logged in as users, so your goal to run the startup script as the logged-in user (which is not logged in at that point in time) is not possible. You must know the username in advance, the username must have a password and must be enabled. None of which exist on the first startup of a new instance.
You can schedule a task to run as any username using the schtasks
command from a startup script. The user account must be enabled and have a password.
Windows Schtasks.exe
compute engine startup script can't execute as a non-root user
sudo su
is not a command run within a shell -- it starts a new shell.
That new shell is no longer running your script, and the old shell that is running the script waits for the new one to exit before it continues.
The sudo su
command will start a new shell. The old shell waits for the old one to exit and continues executing the rest of the code.
Your script is running in the 'old' shell, which means these commands:
cd /home/drupal
touch test.txt
are still executed as root and thus the owner of these files is root as well.
You can modify your script to this:
#! /bin/bash
sudo useradd -m drupal
sudo -u drupal bash -c 'cd ~/; touch text2.txt'
and it should work.
The -u
flag executes the command as the user specified, in this case 'drupal'
dev_appserver.py: Run init script from command line? (instead of interactive console)
Moving details from comments section to full answer
Don't know if that is possible but a possible workaround could be to put this code at the beginning of your main.py
or whatever is your main file.
The process then becomes - your app starts, loads your main file (maybe when someone visits your home page) which checks if a flag is set. If flag is not set, it runs your datastore init script and sets the flag (maybe the flag is set in datastore itself).
I had something similar to what I described but the code is triggered when you try to access the home page url.
Related Topics
How to Change Port Number for Jenkins Installation in Ubuntu 12.04
Check If File Is Open with Lsof
Determine If Relative or Absolute Path in Shell Program
Bash Print Stderr Only, Not Stdout
How to Load a Specific Version of R in Linux
Add Some Specific Time While Using the Linux Command "Date"
How to Keep Executable Code in Memory Even Under Memory Pressure? in Linux
Can Malloc_Trim() Release Memory from the Middle of the Heap
Newbie on Debian and Trying to Make Java 7 the Default Java Version Used
How to Launch Multiple Xterm Windows and Run a Command on Each, Leaving Each Window Open Afterward
How to Read the Second-To-Last Line in a File Using Bash
Avrdude: Ser_Open(): Can't Open Device "/Dev/Ttyacm0": Device or Resource Busy
Run Command 'At ' 5 Seconds from Now
How to Replace Single Quotes with Another Character in Sed
For Loop for Files in Multiple Folders - Bash Shell
How to Check If Find Command Didn't Find Anything
How Does Ancillary Data in Sendmsg() Work
Codeigniter Url Rewriting .Htaccess Is Not Working on Centos