Can't seem to run command in bash resource as another user?

Hi,

I am trying to implement a recipe for installing an application, but I have to run the installer .bin file (in the /tmp/app) as a specific user “appuser”,

I’m doing this in a bash resource, and have tried:

bash 'xxx" do
cwd "/tmp/app"
code <<EOH
su - appuser
./app.bin…
EOH
end

But that doesn’t seem to be work (I get an explicit error from the app in the bash resource saying that I have to not be root when I run the app).

I’ve tried some things I’ve found from googling, such as:

bash “installxxxx” do
user "appuser"
cwd "/tmp/app"
environment ({ ‘HOME’ => ::Dir.home(‘appuser’), ‘USER’ => ‘appuser’ })
code <<-EOH
./app.bin…
EOH
end

and that if failing because it seems to still be writing some files with “root” ownership, rather than with “appuser” ownership.

Can someone tell me why this (the “su - appuser” isn’t working and also how can I get it to work?

Thanks,
Jim

I’ve tried some things I’ve found from googling, such as:

bash “installxxxx” do
user "appuser"
cwd "/tmp/app"
environment ({ ‘HOME’ => ::Dir.home(‘appuser’), ‘USER’ => ‘appuser’ })
code <<-EOH
./app.bin…
EOH
end

That’s the right approach, though there’s no reason to set those 2
environment variables.

and that if failing because it seems to still be writing some files with “root” ownership, rather than with “appuser” ownership.

Are you making /tmp/app in Chef and specifically setting the 'owner’
attribute to ‘appuser’ as well? What files are coming up root-owned?


Jeff Blaine
kickflop.net
PGP/GnuPG Key ID: 0x0C8EDD02

Try working with the “runuser” command on Linux systems, if you need to. But I thought the bash resource supported designating a user to run the script as directly, for just this sort of thing?

Nico Kadel-Garcia
Email: nkadel@gmail.com
Sent from iPhone

On Jul 21, 2015, at 15:07, “o haya” ohaya@yahoo.com wrote:

Hi,

I am trying to implement a recipe for installing an application, but I have to run the installer .bin file (in the /tmp/app) as a specific user “appuser”,

I’m doing this in a bash resource, and have tried:

bash 'xxx" do
cwd "/tmp/app"
code <<EOH
su - appuser
./app.bin…
EOH
end

But that doesn’t seem to be work (I get an explicit error from the app in the bash resource saying that I have to not be root when I run the app).

I’ve tried some things I’ve found from googling, such as:

bash “installxxxx” do
user "appuser"
cwd "/tmp/app"
environment ({ ‘HOME’ => ::Dir.home(‘appuser’), ‘USER’ => ‘appuser’ })
code <<-EOH
./app.bin…
EOH
end

and that if failing because it seems to still be writing some files with “root” ownership, rather than with “appuser” ownership.

Can someone tell me why this (the “su - appuser” isn’t working and also how can I get it to work?

Thanks,
Jim

Hi Jim,
I think we need more information about “still seems to be writing files
with root ownership”. You mean the installer is? or something else is? Can
you paste the output of your chef run?
Thanks,
-Thom

On Tue, Jul 21, 2015 at 8:07 PM, o haya ohaya@yahoo.com wrote:

Hi,

I am trying to implement a recipe for installing an application, but I
have to run the installer .bin file (in the /tmp/app) as a specific user
"appuser",

I’m doing this in a bash resource, and have tried:

bash 'xxx" do
cwd "/tmp/app"
code <<EOH
su - appuser
./app.bin…
EOH
end

But that doesn’t seem to be work (I get an explicit error from the app in
the bash resource saying that I have to not be root when I run the app).

I’ve tried some things I’ve found from googling, such as:

bash “installxxxx” do
user "appuser"
cwd "/tmp/app"
environment ({ ‘HOME’ => ::Dir.home(‘appuser’), ‘USER’ => ‘appuser’ })
code <<-EOH
./app.bin…
EOH
end

and that if failing because it seems to still be writing some files with
"root" ownership, rather than with “appuser” ownership.

Can someone tell me why this (the “su - appuser” isn’t working and also
how can I get it to work?

Thanks,
Jim

Thom, Jeff, Nico (et al),

After working all night and not resolving this, I woke up this morning and finally (JUST) figured it out (there was a log that I didn’t know about that told me the real problem).

It seems that the “running as user” part was working ok all along :(. The problem turned out to be somewhere (completely), basically a configuration file that had an incorrect parameters in it. I had changed some directory names as I was cleaning up my Chef recipe, but didn’t change the parameters in that config file.

Thanks for the responses!

Jim


On Wed, 7/22/15, Thom May thom@chef.io wrote:

Subject: [chef] Re: Can’t seem to run command in bash resource as another user?
To: “Chef” chef@lists.opscode.com
Cc: ohaya@yahoo.com
Date: Wednesday, July 22, 2015, 10:26 AM

Hi
Jim,I think we need more information about “still
seems to be writing files with root ownership”. You
mean the installer is? or something else is? Can you paste
the output of your chef
run?Thanks,-Thom
On Tue, Jul 21, 2015 at
8:07 PM, o haya ohaya@yahoo.com
wrote:
Hi,

I am trying to implement a recipe for installing an
application, but I have to run the installer .bin file (in
the /tmp/app) as a specific user “appuser”,

I’m doing this in a bash resource, and have tried:

bash 'xxx" do

cwd “/tmp/app”

code <<EOH

 su - appuser

 ./app.bin.......

EOH

end

But that doesn’t seem to be work (I get an explicit
error from the app in the bash resource saying that I have
to not be root when I run the app).

I’ve tried some things I’ve found from googling,
such as:

bash “installxxxx” do

user “appuser”

cwd “/tmp/app”

environment ({ ‘HOME’ =>
::Dir.home(‘appuser’), ‘USER’ =>
‘appuser’ })

code <<-EOH

  ./app.bin...

EOH

end

and that if failing because it seems to still be writing
some files with “root” ownership, rather than with
"appuser" ownership.

Can someone tell me why this (the "su - appuser"
isn’t working and also how can I get it to work?

Thanks,

Jim