Shulou(Shulou.com)06/01 Report--

This article mainly explains "how to run the program under the Linux system as other users". The content in the article is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "how to run the program under the Linux system as other users".

# 1:runuser command

The runuser command runs a Shell with an alternate user or group ID. This command is useful only for root users.

Run only as a session PAM hook, and there is no password prompt. If you use a non-root user who does not have permission to set user ID, this command will fail because the program does not have setuid. Because runuser does not run authentication and account PAM hooks, it is at a lower level than su.

Syntax:

Runuser-l userNameHere-c 'command' runuser-l userNameHere-c' / path/to/command arg1 arg2'

For example, as a root user, you might want to check the shell resource limits under the oracle user by typing:

# runuser-l oracle-c 'ulimit-SHa'

Or monitor the nginx or lighttpd web server restrictions:

# runuser-l nginx-c 'ulimit-SHa'

Or

# runuser-l lighttpd-c 'ulimit-SHa'

Sometimes, root users cannot browse NFS-mounted shares due to permissions (security) issues:

# ls-l / nfs/wwwroot/cyberciti.biz/http

Or

# cd / nfs/wwwroot/cyberciti.biz/http

Possible output:

-bash: cd: / nfs/wwwroot/cyberciti.biz/http/: Permission denied

Nevertheless, apache users are allowed to browse or access nfs-based systems mounted under / nfs/wwwroot/cyberciti.biz/http/:

# runuser-l apache-c'ls-l / nfs/wwwroot/cyberciti.biz/http/'

Or

# runuser-l apache-c'cd / nfs/wwwroot/cyberciti.biz/http/; vi index.php'

Using the runuser command, no password is required and can only be used under the root user.

Available options:

1.-l: make shell the login shell and replace the default with the runuser-l PAM file

2.-g: specify the primary group

3.-G addition group

4.-c: command, a single command to be passed to shell

5.-- session-command=COMMAND: use-c to pass a single command line shell without creating a new session

6.-m: do not reset environment variables.

# 2:su command

The su command allows you to become a superuser or substitute user (substitute user), cheat user (spoof user), set user (set user), or switch user (switch user). It allows a Linxu user to switch the current user to the target user you know the password, including the associated running console (console) or Shell. Its syntax is as follows:

Su-su-username

Switch to root user

The su command asks for the password of the target user. Type su-in your shell command line to switch to the root user (you must know the password of the root user):

Vivek@wks01:~$ su-

Or

Vivek@wks01:~$ su-root

Sample output:

Password: root@wks01:/root# logout vivek@wks01:~$

If you enter the correct root password, the ownership of the session will be changed to the root account. Enter logout to exit a root logged in shell, and enter the whoami or id command to verify the owner of the current session:

Whoami

Run the command with the root account

The syntax is:

Su-root-c "command" # OR su-c "command arg1"

Check the contents of the / root directory, which were originally inaccessible to ordinary users, and run:

Su-root-c "ls-l / root"

It is important to note that Linix and some Unix-like systems have a wheel user group, and only users in this group are allowed to switch to root using su.

Use the su command to get other users to run commands

The following command switches to the oracle account and displays a list of restrictions:

$su-oracle-c 'ulimit-aHS'

Similarly, if the correct oracle password is provided, the session ownership will become the oracle account. The log of the su command is kept in the system log, usually in / var/log/auth.log (Debian/Ubuntu) or / var/log/secure (RHEL/CentOS).

# 3:sudo command

Sudo executes a command as another user, but it follows a set of rules about which users can execute those commands with those other users. This rule is defined in the / etc/sudoers file. Unlike su,sudo, the user is authenticated by the user's own password rather than the user's password to be switched. When providing an audit trail command and their parameters, sudo allows a system administrator to delegate certain users (or user groups) permission to run certain (or all) commands as root or other users. This allows the specified command to be delegated to the specified user on the specified host without sharing a password among users. The syntax is as follows:

Sudo command

Refer to the following links for more information:

1. How to configure and use sudo tool 1 in Linux operating system

2. Sudo project home page 2

Considerations for GUI tools (front-end GUI for su and sudo)

The gksu command is the foreground of su, and gksudo is the front end of sudo. Their main purpose is to run graphical commands that require root permissions but do not need to run a X terminal emulator and use su directly. The syntax is as follows:

Gksu [- u] [options] gksudo [- u] [options]

Enter gksu only, and the following pop-up window will be displayed:

Figure 1: running gksu

You will then be asked to enter the password of the root user:

Figure 2:Gnome gksu's verification box for the target user

You can also run the following code directly:

Gksu-u root' ls / root'

Or, run the command as the oracle user:

Gksu-u oracle 'ulimit-aHS'

Or log in as root:

Gksu-u root-l Summary: runuser VS su VS sudo

Check the man help page for more information about su,sudo,gksu and the gksudo command.

Thank you for your reading, the above is the content of "how to run the program as other users under the Linux system". After the study of this article, I believe you have a deeper understanding of how to run the program as other users under the Linux system, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.