su options – running command as another user

I was wondering how to run a command as another user from a script.

I have the script’s owner set as root. I also have the following command being run within the script to run the command as the hudson user:

su -c command hudson

Is this the correct syntax?

Asked By: myusuf3

||

Yes. Here’s the --help:

$ su --help
Usage: su [options] [LOGIN]

Options:
  -c, --command COMMAND         pass COMMAND to the invoked shell
  -h, --help                    display this help message and exit
  -, -l, --login                make the shell a login shell
  -m, -p,
  --preserve-environment        do not reset environment variables, and
                                keep the same shell
  -s, --shell SHELL             use SHELL instead of the default in passwd

And some testing (I used sudo as I don’t know the password for the nobody account)

$ sudo su -c whoami nobody
[sudo] password for oli: 
nobody

When your command takes arguments you need to quote it. If you don’t, strange things will occur. Here I am —as root— trying to create a directory in /home/oli (as oli) without quoting the full command:

# su -c mkdir /home/oli/java oli
No passwd entry for user '/home/oli/java'

It’s only read mkdir as the value for the -c flag and it’s trying to use /home/oli/java as the username. If we quote it, it just works:

# su -c "mkdir /home/oli/java" oli
# stat /home/oli/java
  File: ‘/home/oli/java’
  Size: 4096        Blocks: 8          IO Block: 4096   directory
Device: 811h/2065d  Inode: 5817025     Links: 2
Access: (0775/drwxrwxr-x)  Uid: ( 1000/     oli)   Gid: ( 1000/     oli)
Access: 2016-02-16 10:49:15.467375905 +0000
Modify: 2016-02-16 10:49:15.467375905 +0000
Change: 2016-02-16 10:49:15.467375905 +0000
 Birth: -
Answered By: Oli

Note: “I have the script’s owner set as root” doesn’t do anything; even if you have the setuid bit set it still doesn’t work


Assuming you’re actually running the script as root, however, you can use sudo. su is primarily for switching users, while sudo is for executing commands as other users. The -u flag lets you specify which user to execute the command as:

sudo -u hudson command
Answered By: Michael Mrozek
Categories: Answers Tags: , , ,
Answers are sorted by their score. The answer accepted by the question owner as the best is marked with
at the top-right corner.