On 13/07/2016 18:42, wabe wrote:
> Fernando Rodriguez <[email protected]> wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>> On 07/13/2016 07:10 AM, Alan McKinnon wrote:
>>> On 12/07/2016 03:47, jens w wrote:
>>>> .procmailrc
>>>>
>>>> :0 c
>>>> * !^X-Loop: [email protected]
>>>> | formail -X "From:" | $HOME/bin/script.sh
>>>>
>>>> procmail.log
>>>>
>>>> procmail: Executing " formail -X "From:" | $HOME/bin/script.sh
>>>>
>>>> For incoming mail, a script is executed. The logfile has the same
>>>> entry as for other users, but the script does nothing.
>>>>
>>>> How do I execute a command as a nologin user?
>>>
>>> You can't, not the way you are doing it.
>>>
>>> You want to launch a shell script for the user, but the user's
>>> shell is /sbin/nologin. This exits immediately without launching
>>> the script.
>>>
>>> Give the user a real shell.
>>>
>>> Alan
>>
>> I've been following this thread and thinking the same thing but
>> wasn't sure.
>
> I don't think so. To prove it, I created this user:
>
> nologinuser:x:1015:1016::/home/nologinuser:/sbin/nologin
>
> Then I created this script:
>
> #!/bin/sh
> #
> date >> /home/nologinuser/envars.txt
> echo $HOME >> /home/nologinuser/envars.txt
> echo $PATH >> /home/nologinuser/envars.txt
> echo "-----------------------" >> /home/nologinuser/envars.txt
>
> I stored it as /var/script-nologinuser/testscript.sh. I had to store
> it at this place because /home is mounted with the noexec option on
> my system.
>
> Then I created a cronjob for the nologinuser user:
>
> */2 * * * * /var/script-nologinuser/testscript.sh
>
> The result is the file /home/nologinuser/envars.txt with this
> content:
>
> Wed Jul 13 18:10:01 CEST 2016
> /home/nologinuser
> /usr/bin:/bin
> -----------------------
> Wed Jul 13 18:12:01 CEST 2016
> /home/nologinuser
> /usr/bin:/bin
> -----------------------
>
> The ownership and the rights for /home/nologinuser/,
> /var/script-nologinuser/ and /var/script-nologinuser/testscript.sh
> are nologinuser:nologinuser and 700.
>
> So it seems that it is possible to execute scripts without setting
> a shell in /etc/passwd.
>
> I don't know why it doesn't work for jens w.

Not so. Your script is launched by cron, running as root. It starts a
non-interactive no-login shell (that's why people have infernal trouble
with cron, assuming it has a $PATH when it actually has none)
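
The distinction the thread turns on, as an added example that is not part of any poster's message: the same command is handed once to the account's passwd shell with -c and once to a fixed /bin/sh. Assumptions: the shelluser entry and all function names are constructed, the "fixed" mode models a launcher that ignores the passwd shell (cron's default SHELL is /bin/sh), and /bin/false stands in where no nologin binary is installed.

```shell
#!/bin/sh
# Added illustration (not from the thread): one command handed to the
# account's passwd shell with -c, versus a launcher that always uses /bin/sh.

# Constructed passwd entries; the nologinuser line is the one quoted above.
SAMPLE_PASSWD='nologinuser:x:1015:1016::/home/nologinuser:/sbin/nologin
shelluser:x:1017:1018::/home/shelluser:/bin/sh'

# passwd_shell USER: print the login shell (field 7) of USER's sample entry.
passwd_shell() {
    printf '%s\n' "$SAMPLE_PASSWD" | awk -F: -v u="$1" '$1 == u { print $7 }'
}

# resolve_shell PATH: map a nologin path to a binary present on this host;
# /bin/false is a stand-in when no nologin is installed (assumption).
resolve_shell() {
    case "$1" in
        */nologin)
            for c in "$1" /usr/sbin/nologin /bin/false /usr/bin/false; do
                [ -x "$c" ] && { printf '%s\n' "$c"; return 0; }
            done
            return 1 ;;
        *) printf '%s\n' "$1" ;;
    esac
}

# ran_via SHELL: pass a marker-writing command to "SHELL -c"; print "ran"
# if the command body executed, "blocked" if the shell refused to run it.
ran_via() {
    marker=$(mktemp) || return 1
    rm -f "$marker"
    "$1" -c "echo done > '$marker'" >/dev/null 2>&1 || :
    if [ -s "$marker" ]; then echo ran; else echo blocked; fi
    rm -f "$marker"
}

# launch_as USER MODE: MODE=passwd uses the account's own shell;
# MODE=fixed always uses /bin/sh, whatever /etc/passwd says.
launch_as() {
    sh_path=/bin/sh
    [ "$2" = fixed ] || sh_path=$(resolve_shell "$(passwd_shell "$1")") || return 1
    ran_via "$sh_path"
}

for u in nologinuser shelluser; do
    for m in passwd fixed; do
        echo "$u via $m shell: $(launch_as "$u" "$m")"
    done
done
```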