Set working directory of a command run via sudo

sudo

I have a command that I run via sudo. This command needs to have its working directory set to the directory where the command is installed. The user that calls sudo has no permissions in this directory so I can not cd beforehand.

So basically what I like to be able to inlude in /etc/sudoers is something like :

appuser localhost = (appowner) NOPASSWD: cd /opt/app/bin \; ./binary

I know I can use a wrapper script around binary but I would rather not… Any suggestions?

Best Answer

You will have to use a wrapper script. The parameters following the Runas Tag_Spec is interpreted as a Cmnd_List which is a list of commands that can be run by the specified user etc.

The solution is, as you note to use a wrapper script

appuser localhost = (appowner) NOPASSWD: /path/to/wrapper

Make sure that the wrapper script has suitable permissions and especially that it's not writeable.

Related Solutions

Ssh – Managing servers over ssh with PermitRootLogin=no

You could always login as a regular user and su root to the root user once you're in the server.

Centos – Problems restarting apache via PHP (even with sudo)

In the sudoers file (use visudo), below the extant defaults line, add:

defaults:www !requiretty

Actually, are you sure it's running as the "www" user? The default for CentOS is "apache". A little script to try:

<?php print system("whoami");?>

If it's not "www", just replace the "www" bit in sudoers, above.

Best Answer

Related Solutions

Ssh – Managing servers over ssh with PermitRootLogin=no

Centos – Problems restarting apache via PHP (even with sudo)

Related Topic