0

There's a script that I don't own but I have an execute (and read) permission on it. I do not have any write permission on the file system. The script tries to create some files on the file system and then it deletes them.

Hence, when I run the script I get "permission denied" messages, since I don't have permission to write on the file system.

How do I solve this?

One thing that cannot change is, that I'm not allowed to ask for permanent write permission on the file system, for my user. But I want to be able to create files, in the case that it's done through the script.

  • If the changes that you suggest require to edit the script or its permissions, I can do it by asking the admin to do it for me. But generally the admin will not give me permanent write permission to any file on the system.
rapt
  • 11,810
  • 35
  • 103
  • 145
  • 1
    Can you write into /tmp? – Keith Feb 12 '13 at 01:38
  • They will not let me write at all on the server, unless it's done through a script (that they approved), or by the admin. Since it's a production server. I am going to be the one who will have to run the script later. – rapt Feb 12 '13 at 01:44
  • But can your script actually write to /tmp? – Keith Feb 12 '13 at 01:51
  • I can write on /tmp. But I thought there should be a way, if I have a permission to execute a script, to let me write to the file system through that script, even if I don't have a permission to write per se. Otherwise what is the point in the execute permission? – rapt Feb 12 '13 at 02:03
  • After looking at the comments below, it looks like you have to sit down with the administration of said system and hash things out for this to work. That, or apply what a student of mine described as "Error 256: User error. Change user and try again" (just replace "user" with "sysdamin" in the above...) – vonbrand Feb 12 '13 at 02:11

2 Answers2

2

You could ask your admin if he'd be willing to let you run this script, and only this script with sudo.

Since you can't modify the script, this could something they could consider once he approves the content of the script.

in /etc/sudoers

youruser ALL= NOPASSWD: /path/to/your/script

he could probably also restrict who the script runs as so you have only limited access, and not full root access.

Pascal Belloncle
  • 11,184
  • 3
  • 56
  • 56
  • I specified above, that I can change the script by submitting a request to the admin to do so. After the change is applied, I will have to be the one who tries to execute the script. – rapt Feb 12 '13 at 01:48
  • 1
    this doesn't change what I said above. Either the admin lets you run the script via sudo, or he has to run it himself, or give you more access. – Pascal Belloncle Feb 12 '13 at 01:50
1

It feels to me that it's worth looking for a folder somewhere that is available to users for this kind of access. It could be possible to write to a user/ or tmp/ directory perhaps? What is/are the path(s) you are trying to write to?

Failing that I would look into why the script needs to write to and delete a file. Is it possible to use something less persistent e.g. variables rather than writing to file and avoid having to write files at all? What sort/size of data are you writing?

Finally perhaps the system is locked down for a good reason and maybe you could find a more permissive system to use for your purposes. It sounds unusual to not let a user write to any file.

WorkingMatt
  • 639
  • 8
  • 24
  • I can try this if there's not other way to be able to write through the script. But I need at list one output file for logging purposes. Which is why I would prefer for it not to stay in the /tmp for too long. Since it will eventually be deleted. – rapt Feb 12 '13 at 02:06
  • Pascal Belloncle's idea is a good one. I will first try yours since the admins in the organization I work for are not east to communicate with. Then I will email the temp file to the people who need it. – rapt Feb 12 '13 at 02:35
  • Files in the tmp directory are automatically deleted, I think when the machine is rebooted. Is that OK for your purposes? – WorkingMatt Feb 12 '13 at 02:41
  • I will need the file for logging and statistics purposes. So I will add to the script something to email it to anyone who might need it. http://stackoverflow.com/questions/17359/how-do-i-send-a-file-as-an-email-attachment-using-linux-command-line – rapt Feb 12 '13 at 02:47