[Tfug] Running logout scripts as root?
Eric Gearhart
eric at nixwizard.net
Sat Aug 16 19:25:20 MST 2008
Christopher Robbins wrote:
> I've got a logout script that I've written...It connects to a SMB file
> share (via mount-cifs) and then uses rsync to sync the directories.
> I'm using this as a way for my users to access their files offsite - they
> connect to the SSH server, copy files, then when they logout, we sync
> their file shares to this SSH server.
>
> Problem is...one needs to be root to run mount. Aside from adding
> my list of users to sudoers or giving everyone access to mount, is there
> an easy way to have the script executed as root?
>
> TIA
>
> - Chris
>
> --
> Chris Robbins
> Systems Programmer
> Department of English - University of Arizona
> http://www.homerengineeringcorp.net
Chris,
If you have your fstab settings right, a user doesn't have to be root to
run mount. I set something like this up for backups over CIFS between
two Linux servers (I happen to like CIFS over NFS even nowadays...)
# Samba mount
//fileserver/backup /backupmount cifs
auto,uid=usertomountas,gid=grouptomountas,file_mode=0664,dir_mode=0775,iocharset=iso8859-15,credentials=/etc/samba/sambapasswords
0 0
Does that help somewhat? The /etc/samba/sambapasswords mentioned in the
fstab entry have u/n and passwords stored, and are readable only by root
(for obvious huge security hole reasons)
I also think the previous suggestions of runing things SUID would work,
but I've seen a lot of Unix security pros swear against using SUID
Eric
More information about the tfug
mailing list