Priv scripts and sudo

From techdocs
Revision as of 11:39, 22 August 2023 by Plinich (talk | contribs) (Created page with "Old World systems had a mechanism based around a program called <code>'''priv'''</code> which allowed unprivileged users to run scripts as root or as other users. New World systems can, nominally, use <code>sudo</code> instead, which achieves the same result. However, many long-term users are more familiar with <code>priv</code> and there are a large number of priv scripts in existence which do still-useful things. In particular, some priv scripts are used insid...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Old World systems had a mechanism based around a program called priv which allowed unprivileged users to run scripts as root or as other users. New World systems can, nominally, use sudo instead, which achieves the same result.

However, many long-term users are more familiar with priv and there are a large number of priv scripts in existence which do still-useful things. In particular, some priv scripts are used inside other scripts or programs, and finding and then rewriting all of these would be impractical.

So, in New World, priv has been re-implemented as a front-end to sudo which:

  1. Takes an existing priv script,
  2. Extracts the relevant configuration parameters from the script header,
  3. Creates a corresponding sudo configuration file in /etc/sudoers.d, and then
  4. Runs the original priv script by sudo

Note that steps 2 and 3 are only performed if there is no corresponding sudo configuration file in /etc/sudoers.d OR if the priv script is newer than the sudo configuration file.

See New World file system layout for specific locations of the priv implementation and for priv scripts to consider as examples.

Retrieved from ‘https://techdocs.cseunsw.tech/mediawiki/index.php?title=Priv_scripts_and_sudo&oldid=856