1

This is what I'm trying to do in a script. It works here manually, but prompts me for a password. How do I:

  1. Create a new user
  2. With sudo privs
  3. Switch to that user

  4. Continue executing the rest of the script 

    sudo adduser centos
sudo passwd centos
usermod -aG wheel centos
sudo su centos

I have tried the following but in Centos 7 bash, --disabled-password and -gecos both say "option not found."

adduser --disabled-password --gecos "" username
jww
  • 97,681
  • 90
  • 411
  • 885
Mark Jones
  • 147
  • 2
  • 13
  • 1
    You don't want `--disabled-password`. That would let *anyone* access that user account without a password. – Charles Duffy May 08 '17 at 17:15
  • And by the way, it's not bash that provides `adduser` -- you'd have the same problem with CentOS 7 running `adduser` from any other shell, or running it without a shell at all (ie. with `subprocess.Popen(['adduser', ...], shell=False)` in Python). – Charles Duffy May 08 '17 at 17:15
  • Charles I don't really care because it's a vagrant box to setup a local instance for developers. They can do WHATEVER they want with the entire box. – Mark Jones May 08 '17 at 17:15
  • "run the rest of the script with this user", by the way, is best done by encapsulating the rest of your script in a heredoc. – Charles Duffy May 08 '17 at 17:16
  • Yeah, but you're running this from root, right? Moving from root to any other user doesn't require a password, so there's no point to making the account passwordless -- no password is needed whether the account has one or not. – Charles Duffy May 08 '17 at 17:16
  • (Similarly, if you're already root, you're better off not using `sudo` at all. And if you're *not* already root... well, since this is in Vagrant, why *aren't* you making yourself root in the first place?) – Charles Duffy May 08 '17 at 17:17
  • That makes sense – Mark Jones May 08 '17 at 17:18
  • (btw, `sudo su` is, generally, silly and needless; any modern `sudo` can do everything `su` can, so there's no reason at all to have `sudo` invoke `su`, instead of using `sudo -i` or similar). – Charles Duffy May 08 '17 at 17:19
  • I'm need the centos user because many other install scripts I"m using unfortunately have centos:centos permissions commands all over the place – Mark Jones May 08 '17 at 17:19
  • 1
    btw, see http://stackoverflow.com/a/24696790/14122 re: the "change to this user for the rest of the script" part of things. Personally, I think this question is too broad in scope to be a good fit as it is -- it's asking something like three different things, each of which has already been individually asked and answered elsewhere on the site. – Charles Duffy May 08 '17 at 17:21
  • Also see [Prompt for sudo password and programmatically elevate privilege in bash script?](https://unix.stackexchange.com/q/28791/56041), [How to enter password only once in a bash script needing sudo](https://askubuntu.com/q/711580), [Request root privilege from within a script](https://askubuntu.com/q/746350), [sudo with password in one command line?](https://superuser.com/a/67766/173513), [How to prompt user for sudo password?](https://stackoverflow.com/q/47538572/608639), etc – jww Mar 30 '18 at 17:54

1 Answers1

0

You don't need sudo su centos because your script would be interrupted by a terminal. If the following commands are actually "./install.sh" (like) that have to be started by "centos" user, then you can do the following modification:

sudo adduser centos
sudo passwd centos
usermod -aG wheel centos
sudo su - centos -c ./install.sh
sudo su - centos -c ./install_another.sh

sudo su - centos -c "./install_more.sh ; cd /tmp ; ./install_almostlast.sh"

sudo su - centos -c bash -c "cd /somewhere; ./install_more.sh
        cp /tmp/files /somewhere
        ./install_last.sh
        rm /tmp/install.sh"

Between double quotes you can write a whole script if you want and are careful of the content and quoting.

czvtools
  • 591
  • 2
  • 7