After working my way through my scripts, I've come to the conclusion
that it is easier for me to follow and maintain if every command is
always run as if by user 'tc'. This allows me to test my scripts from
the command line while logged in as tc, and it also ensures that files
created by any of my scripts are owned by tc as well.
I previously encountered problems when these scripts were run from a
cron job by user 'root', because i) the remote ssh had to be configured
for user root as well, and ii) any files created by those scripts would
be owned by root.
I'm still very much a learner when it comes to the world of Linux user
permissions, but I've found that forcing the scripts to run as if the
user tc was running them is one way to achieve consistency.
The way I've achieved this is to have a 'wrapper' script that is called
by cron (e.g. 0 2 * * * /home/tc/NightlyJobs.sh), and this script then
calls one or more other scripts using the 'sudo -u tc' prefix. Of
course, nothing is ever simple, and prefixing a command with 'sudo -u
tc' when already logged in as user tc seems to cause the command to
fail, so my solution is to check which user is calling the wrapper
script and then act accordingly, e.g:
Code:
--------------------
user=$(id | awk -F\( {'print $2'} | awk -F\) {'print $1'})
if [ $user = "tc" ]; then # BackupJobs.sh script can be run without
modification: output will belong to tc
echo "Running BackupJobs.sh as user tc"
/home/tc/BackupJobs.sh
elif [ $user = "root" ]; then # if called by root then force the
BackupJobs.sh script to be run as user tc, with 'sudo -u tc'.
echo "Running BackupJobs.sh as user root"
sudo -u tc /home/tc/BackupJobs.sh
fi
--------------------
I suspect that 'NightlyJobs.sh' could be prefixed with 'sudo -u tc' in
the cron command, as an alternative to the above check, but I haven't
tested that. And I also suspect that user tc could have its own
crontab, but again I haven't tested that.
I'd be very interested to hear 'best practice' suggestions for this type
of situation, since all of this is as much about learning a skill rather
as simply getting it working. The way I have it working at the moment,
just about everything on my music and backups drives is now owned by tc,
whereas previously everything seemed to be owned by root, meaning that I
often had to prefix simple commands like rm, mv etc with sudo.
------------------------------------------------------------------------
chill's Profile: http://forums.slimdevices.com/member.php?userid=10839
View this thread: http://forums.slimdevices.com/showthread.php?t=113676
_______________________________________________
unix mailing list
[email protected]
http://lists.slimdevices.com/mailman/listinfo/unix
