Home / server / Questions / 252552
Accepted
Radek
Asked: 2011-03-28 20:05:48 +0800 CST

sudoers syntax to run shell script as php user?

  • 772

I want to run

  • a shell script restore
  • as postgres user
  • from php script (the user name is php)
  • using sudo (so password is not required)

the script will have few lines of code, something like

dropdb <database name>
psql -c "create database <database name> with encoding 'unicode';" -U edutemplate1
psql -d <database name> -f edu.hourly.sql
  • what would be the sudo command syntax to run the script restore

  • what would be the sudoers syntax to allow php user to run restore script as postgres user?

  • Sudo version 1.7.2p7

  • Linux testing 2.6.34-12-desktop #1 SMP PREEMPT 2010-06-29 02:39:08 +0200 x86_64 x86_64 x86_64 GNU/Linux

UPDATE

the first part of the question was already answered on SO sudoers-syntax-to-run-shell-script-as-php-user

UPDATE2

I added php ALL=(postgres) NOPASSWD: /usr/bin/id to /etc/sudoers and then did su php and then sudo -su postgres /usr/bin/id but I am asked for postgres' password. If I issue the same sudo command under the user root I will get correct output 'uid=26(postgres) gid=26(postgres) groups=26(postgres)'

UPDATE3

updating sudoers to php ALL=(postgres) NOPASSWD: ALL makes it work ...

sudo

2 Answers

  1. Best Answer

    See also this answer for a similar scenario.

    This goes in /etc/sudoers:

    php ALL=(postgres) NOPASSWD: /the/restore/script

    And you make php issue a command like this: sudo -u postgres /the/restore/script

    • 2

  2. You can do it from root "su $USERNAME -c "command"" anyway you can do it VIA sudo as well, if You can please describe what You wanna do exactly? For example from which user? is it require password? (you can define it in /etc/sudoers) By "php user" You mean www-data, or nobody or other user?

    • 0