Running a unix command as non-root user

Question for the unix gurus out there.

I need to run a command as a non-root user. Should it be something like the following?

wait sudo - nonrootuser -c "command"

thanks in advance!

1 Like

Have you considered leveraging the override actionscript command with the RunAs=localuser option?

https://developer.bigfix.com/action-script/reference/execution/override.html

I had not, actually. Does the localuser option provide a full shell?

The challenge I have is that I need to do a bit of setup as root, before handing it off to the non-root user to execute a command only available to that user, and then follow up with some cleanup.

I think he RunAs=localuser option is possible but there are some limitations.

“Note: On UNIX and Linux the environment variables are not applied with the exception of required Xauthority variables. On such platforms a call is made to setuid to the id of the user identified as the current user for the XBESClientUI. This is a very specific and platform dependent scenario which requires the user to be logged on at the local console and running X Windows.”

I am not sure how in-depth you need to get, but the blow should work just fine in an actionscript.

wait /usr/bin/sudo su - username -c “/usr/bin/echo test>/tmp/test”

Thanks @Aram I may come back to it, if I am unable to solve it using shell script commands. @mangan, are sudo and su both required?

If ran as you posted above, you would get this in return:

“sudo: nonrootuser: command not found”

That’s good to know! Thanks @mangan

wait sudo - nonrootuser -c “command”

how to debug its problems ?
wait “working command” - how to check that ?
first of all you should check that “working command” really works…
run this command under root (bigfix runs it like root in action)
when it will work, put it back to action script and cross fingers :slight_smile:

because really there are doubts that your “sudo - nonrootuser …” is correct.
potentially you have thought about "su - nonrootuser -c ‘command’"
wait “su - nonrootuser -c ‘command’” - could have some sense