I am not able to execute the touch command below in the same session as user weblogic. Instead, the touch command is executed as user djaiswa2 and fails [because it is trying to access a path whose owner is weblogic].

```
[djaiswa2@cdcesb01 tmp]$ cat test.sh
#!/bin/bash
sudo su - weblogic;

touch /opt/middleware/.ssh/authorized_keys;
chmod 755 /opt/middleware/.ssh/authorized_keys;
```

```
[djaiswa2@cdcesb01 tmp]$ sh -x test.sh
+ sudo su - weblogic
Last login: Thu Aug 26 00:38:06 EDT 2021 on pts/0

-bash-4.2$ exit
logout
+ touch /opt/middleware/.ssh/authorized_keys
touch: cannot touch ‘/opt/middleware/.ssh/authorized_keys’: Permission denied
+ chmod 755 /opt/middleware/.ssh/authorized_keys
chmod: cannot access ‘/opt/middleware/.ssh/authorized_keys’: No such file or directory
```
Toto
  • When you put multiple commands in a script, the second one doesn't start until the first one exited; so _of course_ `touch` won't run until `sudo su` exits. – Charles Duffy Jul 29 '23 at 13:47

1 Answer

You need to use the su command with the -c option to specify the commands to be executed.

For example:

```
sudo su - weblogic -c "touch /opt/middleware/.ssh/authorized_keys; chmod +x /opt/middleware/.ssh/authorized_keys"
```
Arnaud Valmary
  • It asks for a password if I use the suggestion, whereas simply using sudo does not ask for it. '[djaiswa2@cdcesb01 ~]$ sudo su - weblogic -c "touch /opt/middleware/test.txt; chmod 755 /opt/middleware/test.txt" We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for djaiswa2: [djaiswa2@cdcqa1esb03 ~]$ sudo su - weblogic Last login: Thu Aug 26 14:27:42 EDT 2021 from 10.13.217.115 on pts/0' – Eagertolearn Aug 26 '21 at 21:43
  • Can you please check that if you can here? – Eagertolearn Sep 01 '21 at 14:57
  • Thanks. But it asks for a password if I am using your suggestion. Simply using sudo does not ask for it. ``` [drter2@cdadc01 ~]$ sudo su - weblogic -c "touch /opt/middleware/test.txt; chmod 755 /opt/middleware/test.txt" We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for drter2: [drter2@cdadc01 ~]$ sudo su - weblogic Last login: Thu Aug 26 14:27:42 EDT 2021 from 10.13.217.115 ``` – Eagertolearn Sep 25 '21 at 00:55
  • In [How to Answer](https://stackoverflow.com/help/how-to-answer), note the section _Answer Well-Asked Questions_, and therein the bullet point regarding questions "that have been asked and answered many times before". – Charles Duffy Jul 29 '23 at 13:49
  • @Eagertolearn, ...as to making sudo passwordless, that's a question of the contents of your sudoers file. Generally, you should have a separate `NOPASSWD:` entry in there for each individual command you want to allow to be run without a password, specifying the individual user authorized to run the script that invokes that command. – Charles Duffy Jul 29 '23 at 13:52
  • @Eagertolearn, ...I'd also urge you not to copy the `sudo su -` antipattern -- yes, it's all over, but it's a horrible practice. `sudo` itself can do everything `su` can, so there's never a need to combine them; `sudo -i` gives you an interactive shell, but _in a script_ you should be using `sudo -u weblogic touch /opt/middleware/.ssh/authorized_keys` and `sudo -u weblogic chmod +x ...` so that your `/etc/sudoers` entries are only giving access to run those _specific_ touch and chmod commands as the `weblogic` user from _one specific_ source user. – Charles Duffy Jul 29 '23 at 13:54
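
The approach described in the last two comments, as an added example that is not part of the original thread: each command runs through its own `sudo -u weblogic` call, and the sudoers rules authorise only those two command lines for one source user. The `/usr/bin` paths, the function names and the `SUDO` override variable are assumptions made for this sketch.

```shell
#!/bin/bash
# Added example, not code from the thread. The target user, key file and
# mode 755 come from the question; /usr/bin paths are an assumption.

TARGET_USER=weblogic
KEYFILE=/opt/middleware/.ssh/authorized_keys

# Print sudoers rules that allow exactly these two command lines, as
# $TARGET_USER, for one source user ($1). When arguments are listed in
# a rule, sudo only permits the command with those exact arguments.
# Install the output with: visudo -f /etc/sudoers.d/<file>
sudoers_rules() {
    printf '%s ALL=(%s) NOPASSWD: /usr/bin/touch %s\n' \
        "$1" "$TARGET_USER" "$KEYFILE"
    printf '%s ALL=(%s) NOPASSWD: /usr/bin/chmod 755 %s\n' \
        "$1" "$TARGET_USER" "$KEYFILE"
}

# Run one command as the target user. -n makes sudo fail immediately
# instead of prompting for a password when no NOPASSWD rule matches.
# SUDO can be overridden (hypothetical hook) to dry-run the script.
run_as_target() {
    "${SUDO:-sudo}" -n -u "$TARGET_USER" -- "$@"
}

# Unlike "sudo su - weblogic" followed by plain commands, every step
# here is executed as weblogic; stop at the first failure.
setup_keyfile() {
    run_as_target /usr/bin/touch "$KEYFILE" || return 1
    run_as_target /usr/bin/chmod 755 "$KEYFILE" || return 1
}

# Only act when explicitly asked, so sourcing the file is harmless.
if [ "${1:-}" = "--apply" ]; then
    setup_keyfile
fi
```

Running `sudoers_rules djaiswa2` prints the two rules to install; the script itself is then invoked with `--apply`.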