Stop being root in the middle of a script that was run with sudo

逝去的感伤 2021-01-20 00:37

There is a list of commands that only succeed when they are prefaced with sudo.
There is another list of commands that only succeed when the user runs them

2 answers
  •  逝去的感伤
    2021-01-20 01:20

    In a script run by sudo, use:

    su -c "shell command; shell command" $SUDO_USER 
    

    within that script to execute commands as the normal user who invoked sudo.

    This works because sudo sets the environment variable SUDO_USER to the original username.

    If you have a bunch of commands to run as the original user, you could use a hereis document.

    Here is an example script file as proof of concept:

    myscript.sh

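    #!/bin/bash
    echo "Part 1"
    echo "now running as:"
    whoami
    echo "SUDO_USER is:"
    echo $SUDO_USER
    # Commands in the here document run as the user who invoked sudo
    su $SUDO_USER <<EOF
    echo "Part 2"; echo "now running as:"; whoami
    echo "SUDO_USER is:"; env | grep ^SUDO_USER
    EOF
    # Back in the outer script, still running as root
    echo "Part 3"; echo "now running as:"; whoami
    echo "SUDO_USER is:"; echo $SUDO_USER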

    And here's the output on sudo ./myscript.sh

    Part 1
    now running as:
    root
    SUDO_USER is:
    paul
    Part 2
    now running as:
    paul
    SUDO_USER is:
    SUDO_USER=paul
    Part 3
    now running as:
    root
    SUDO_USER is:
    paul
    

    Warning: This technique doesn't work so well with nested sudo. If sudo is nested twice, e.g.

    sudo su
    
    echo $SUDO_USER
    ---> me
    
    sudo su
    echo $SUDO_USER
    ---> root
    

    SUDO_USER will return root, not the original username. su $SUDO_USER would then keep running as root. Be careful to avoid that scenario, and it should work ok.
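
A guard for the nested-sudo case in the warning above, as an added example that is not part of the original answer: it resolves the account to drop to and refuses when sudo was itself invoked by root. The function names `resolve_invoking_user` and `run_as_invoker` are hypothetical, the character whitelist for account names is an assumption, and the check relies on `SUDO_UID`, which sudo sets alongside `SUDO_USER`.

```shell
#!/bin/sh
# Added example (not from the original answer). Function names are hypothetical.
# Relies on SUDO_USER and SUDO_UID, which sudo sets for the command it runs.

# Print the non-root account that invoked sudo, or fail with:
#   1 = not started through sudo, 2 = nested sudo (invoker is root),
#   3 = value that does not look like an account name or numeric UID.
resolve_invoking_user() {
    if [ -z "${SUDO_USER:-}" ]; then
        echo "SUDO_USER is not set; was this run with sudo?" >&2
        return 1
    fi
    # Assumption: account names use only these characters. Rejecting a
    # leading '-' keeps the value from being parsed as an option by su.
    case "$SUDO_USER" in
        -*|*[!A-Za-z0-9._-]*)
            echo "SUDO_USER has an unexpected value" >&2
            return 3 ;;
    esac
    case "${SUDO_UID:-}" in
        ''|*[!0-9]*)
            echo "SUDO_UID is missing or not numeric" >&2
            return 3 ;;
    esac
    # After "sudo su" followed by another sudo, both values describe root,
    # and "su $SUDO_USER" would silently keep running as root.
    if [ "$SUDO_USER" = "root" ] || [ "$SUDO_UID" -eq 0 ]; then
        echo "sudo was invoked by root (nested sudo); refusing" >&2
        return 2
    fi
    printf '%s\n' "$SUDO_USER"
}

# Run one command string as the invoking user, in the su -c form the answer uses.
run_as_invoker() {
    target=$(resolve_invoking_user) || return $?
    su -c "$1" "$target"
}

# Usage inside a script started with sudo:
#   run_as_invoker 'whoami'
```

Checking the return status of `run_as_invoker` lets the script stop instead of continuing as root when the invoking user cannot be determined.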
