Priv scripts and sudo: Difference between revisions

From techdocs

Latest revision as of 11:40, 22 August 2023

Old World systems had a mechanism based around a program called priv which allowed unprivileged users to run scripts as root or as other users. New World systems can, nominally, use sudo instead, which achieves the same result.

However, many long-term users are more familiar with priv and there are a large number of priv scripts in existence which do still-useful things. In particular, some existing priv scripts are used inside other scripts or programs, and finding and then rewriting all of these would be impractical.

In New World, priv has been re-implemented as a front-end to sudo which:

  1. Takes an existing priv script,
  2. Extracts the relevant configuration parameters from the script header,
  3. Creates a corresponding sudo configuration file in /etc/sudoers.d, and then
  4. Runs the original priv script via sudo.

Note that steps 2 and 3 are only performed if there is no corresponding sudo configuration file in /etc/sudoers.d OR if the priv script is newer than the sudo configuration file.
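
The regenerate-if-stale rule and steps 2 and 3 above, as an added example that is not the techdocs priv implementation. The `# priv-user:` and `# priv-runas:` header keys, the `NOPASSWD` tag and the `priv_<name>` fragment naming are assumptions, since this page does not show the real header format.

```shell
#!/bin/sh
# Added example. The "# priv-user:" / "# priv-runas:" header keys, the
# NOPASSWD tag and the priv_<name> file naming are assumptions.

# Steps 2-3 run only if the fragment is missing or older than the script.
needs_regen() {  # needs_regen SCRIPT FRAGMENT
    [ ! -e "$2" ] || [ "$1" -nt "$2" ]
}

# Step 2: read one header value; anything outside a safe character set
# (spaces, '=', '(' ...) is refused so a header cannot inject sudoers syntax.
header_value() {  # header_value SCRIPT KEY
    sed -n "s/^# $2:[[:space:]]*//p" "$1" | head -n 1 |
        grep -E '^[A-Za-z0-9_,%-]+$'
}

# Build the sudoers rule for one script; fails on unsafe input.
render_rule() {  # render_rule SCRIPT
    case $1 in
        *[!A-Za-z0-9_./-]*) return 1 ;;  # would need sudoers escaping
        /*) ;;                           # sudoers commands must be absolute
        *) return 1 ;;
    esac
    users=$(header_value "$1" priv-user) || return 1
    runas=$(header_value "$1" priv-runas) || runas=root
    printf '%s ALL=(%s) NOPASSWD: %s\n' "$users" "$runas" "$1"
}

# Step 3: write the fragment into DIR (/etc/sudoers.d in production).
update_fragment() {  # update_fragment SCRIPT DIR
    # sudo skips sudoers.d names containing '.', so the dotted temp file is
    # inert while it is written and the final name must be dot-free.
    frag="$2/priv_$(basename "$1" | tr -c 'A-Za-z0-9_\n' '_')"
    needs_regen "$1" "$frag" || return 0
    tmp=$(mktemp "$2/.priv.XXXXXX") || return 1
    render_rule "$1" > "$tmp" && chmod 0440 "$tmp" ||
        { rm -f "$tmp"; return 1; }
    if command -v visudo >/dev/null 2>&1; then   # syntax-check before install
        visudo -cf "$tmp" >/dev/null || { rm -f "$tmp"; return 1; }
    fi
    mv -f "$tmp" "$frag"
}
```

Because the script's own header decides what goes into the sudoers fragment, the script file and its directory must be writable only by root; otherwise anyone who can edit the script can grant themselves a rule.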

See New World file system layout for specific locations of the priv implementation and for priv scripts to consider as examples.