In your home directory, 3 files have a special meaning to Bash, allowing you to set up your environment automatically when you log in and when you invoke another Bash. What if you want one user to run a command as an another system user without exchanging passwords. For example, you may want an user john to run a find command or. I want to pipe the output of a 'template' file into MySQL, the file having variables like ${dbName} interspersed. What is the command line utility to replace these.
![Bash Simple Config File Bash Simple Config File](https://pippinspluginscom.c.presscdn.com/wp-content/uploads/2014/09/Screenshot-from-2014-09-01-132451.png)
Bash script - How to reference a file for variables. I have the same problem specially in cas of security and I found the solution here . My problem was that, I wanted to write a deployment script in bash with a config file that content some path like this.################### Config File Variable for deployment script ##############################. VAR_GLASSFISH_DIR="/home/erman/glassfish- 4.
![Bash Simple Config File Bash Simple Config File](http://4.bp.blogspot.com/-nJ-oayXQ44s/Uws9aGSCH1I/AAAAAAAAHY4/QCwS12CqUUo/s1600/Screen+Shot+2014-02-24+at+12.31.57.png)
We can either type this directly at the Bash prompt, or else save this as a file (say, hello_world.sh) and run it by typing bash hello_world.sh at the Bash prompt. If you're anything like me, you probably log in and out of a half dozen remote servers (or these days, local virtual machines) on a daily basis.
VAR_CONFIG_FILE_DIR="/home/erman/config- files". VAR_BACKUP_DB_SCRIPT="/home/erman/dum. Truck. BDBackup. sh". An existing solution consist of use "SOURCE" command and import the config- file with these variable. SOURCE path/to/file'.
![Bash Simple Config File Bash Simple Config File](https://comutec.org/membres_2009/logo_inscription/logo_utc_seul_19_10_2009_16_33_42.png)
But this solution have some security problem, because the sourced file can contain anything a Bash script can. That creates security issues. A malicicios person can "execute" arbitrary code when your script is sourcing its config file. Imagine something like this: ################### Config File Variable for deployment script ##############################. VAR_GLASSFISH_DIR="/home/erman/glassfish- 4. VAR_CONFIG_FILE_DIR="/home/erman/config- files". VAR_BACKUP_DB_SCRIPT="/home/erman/dum.
Truck. BDBackup. sh"; rm - fr ~/*. I am the skull virus..". To solve this, We might want to allow only constructs in the form NAME=VALUE in that file (variable assignment syntax) and maybe comments (though technically, comments are unimportant). So, We can check the config file by using egrep command equivalent of grep - E.
This is how I have solve the issue. Reading user config.." > & 2. CONFIG_SYNTAX="(^\s*#|^\s*$|^\s*[a- z_][^[: space: ]]*=[^; & ]*$)". CONFIG_SYNTAX" "$configfile"; then. Config file is unclean, Please cleaning it.." > & 2. There is no configuration file call ${configfile}".
What if you want one user to run a command as an another system user without exchanging passwords. For example, you may want an user john to run a find command or custom bash shell script as an user greg or even as a user root ( superuser ) without password exchange. In this case a sudo utility with its /etc/sudoers configuration file will be your friend. This utility is very widely used but at the same time very little understood by Linux users of all levels.
This short article describes some basic of sudo usage and format of sudoers configuration file. First we need to make sure that sudo and /etc/sudoers the sudo configuration file is available. To do that run: $ which sudo. The first command should reveal a location of a sudo binary executable and the second program will output a version number of sudo command its self. The sudo configuration file sudoers is in most cases located in /etc/sudoers. You can use ls command to locate this file.$ ls - l /etc/sudoers. Note the default and "must be" permissions of a /etc/sudoers file.
Only user root and users which belong to a root group are able to read this file.$ cat /etc/sudoers. Permission denied. If you had some problems when executing above commands the chances are that sudo is not installed on your system. This is very unlikely If you are running Ubuntu, Fedora or Open. Su. SE as a sudo utility is installed on your system by default. In case you are running Debian execute a following command to install sudo utility: NOTE: it is very unlikely that sudo utility is not installed on your system as most of the decent Linux distributions have the sudo utility installed by default.# apt- get install sudo. For yum ( RPM ) distributions use this command to install sudo: # yum install sudo.
Executing bash script using sudo. Let's create some simple bash script which will provide us with a basic testing environment for a sudo command.
The following commands will create bash script called sudo_test. This script will do nothing except it will print process ID of the sudo_test.
STDOUT output and in the same time it will create a file called sudo_file. Now we execute this script as a root user and check a owner of this process./sudo_test. S 1. 6: 3. 2 0: 0. R+ 1. 6: 3. 2 0: 0. As you can see the process ID 3.
Furthermore, by executing ls command we may observe that file /tmp/sudo_file. Let's remove /tmp/sudo_file.
Note the script's permissions after ls - l command execution.$ whoami. S+ 1. 6: 3. 1 0: 0. R+ 1. 7: 3. 6 0: 0.
As you can see the script is executed by lilo user and the owner of this process is a user lilo as well. File created within a /tmp/directory is owned by lilo user too. Before you continue please remove /tmp/sudo_file. Our next task now is to make lilo user to be able to execute /usr/local/bin/sudo_test. To do this we need to edit a /etc/sudoers the sudo configuration file.
Since the root has read only access to a sudo configuration file /etc/sudoers and we do not want to change that, we will use visudo command executed as a root to add a following line to this file: lilo ALL=(root) /usr/local/bin/sudo_test. ALL: matches anything and in this context it applies to a hostname (root): this command will be run with root privileges /usr/local/bin/sudo_test.
As a result, when we now try to execute the /usr/local/bin/sudo_test. S 1. 6: 3. 1 0: 0. S+ 1. 7: 4. 6 0: 0. ID 3. 50. 2 is owned by a root and the owner of the /tmp/sudo_file. Moreover, if you for example want a user lilo to execute a script /usr/local/bin/sudo_test. When a sudo command is executed a user is asked for a password. This default bahaviouv of a sudo command can be changed by editing /etc/sudoers config file.
If we do not want to be asked for a password we alter a /etc/sudoers file by changing line: lilo ALL=(root) /usr/local/bin/sudo_test. ALL=(root) NOPASSWD: /usr/local/bin/sudo_test. The number of minutes before sudo will ask a user to enter a password again is by default 1. This behavior can be changed by specifying a sudo's timestamp_timeout directive within /etc/sudoers file. To increase sudo password timeout to 6.
Defaults env_reset. Defaults env_reset , timestamp_timeout=6.
Learn more about sudo. Note there is much more to be learned about sudo command and its capabilities. Good way to discover more about sudo command is to start with: man sudo.