[TriLUG] running script as mail alias, script running as specific user
Jeremy P
jeremyp at pobox.com
Mon Jan 14 16:58:49 EST 2002
On Mon, 14 Jan 2002, Jon Carnes wrote:
> I'm trying to setup an automated process using a email address. The email
> alias is something like:
> thetrees: "|/usr/local/sbin/thetrees"
>
> The script thetrees in /usr/local/sbin needs to run as a specified user.
> The user should be "lorax". How do I let the lorax speak for thetrees?
ISTR you use sendmail. If so, you'll need to put the script in /etc/smrsh
(or at least put a symlink there). Then, in the alias file call it
something like "|/etc/smrsh/thetrees". By default, the script will run as
user "mail".
> I've tried using chmod u+s on the script, and setting the user to lorax, but
> that is not working.
The kernel disallows suid shell scripts.
You might be able to setup something with "sudo" (to allow uid mail to run
something as lorax). But I don't know if there's a way of stopping sudo
from asking for the user's password. You could always rewrite your script
in C, and then suid that C program. You could also have it check to be
sure it was started as "mail" so no one else can invoke it. But this gets
complicated!
--Jeremy
More information about the TriLUG
mailing list