How to switch user for a resource

priyanshu · September 20, 2017, 8:06am

If we are doing Oracle Installation via CHEF . The resource needs to run via oracle but the user has logged in as root user.

How to switch user from root to oracle such that complete resource runs via oracle.

bash ‘xxxxx’ do
cwd abcd
code <<-EOH
sqlplus -v > /oracle/local/log/softwareversion.txt
df -h > /oracle/local/log/serverspace.txt
free -g > /oracle/local/log/memoryspace.txt
EOH
end

This bash resource needs to run via oracle user…
how to modify the code to switch user.

this is the method i am using but i need some other option to do so such that complete resource gets executed as oracle user.

#logs for space and memory availability
bash ‘xxxx’ do
cwd aaaa
code <<-EOH
su - oracle -c "sqlplus -v > /oracle/local/log/softwareversion.txt"
su - oracle -c "df -h > /oracle/local/log/serverspace.txt"
su - oracle -c "free -g > /oracle/local/log/memoryspace.txt"
EOH
end

When the recipe runs on node it shows some error like this

bash[xxxxx] action run
[execute] stty: standard input: Invalid argument
stty: standard input: Invalid argument
stty: standard input: Invalid argument
stty: standard input: Invalid argument
stty: standard input: Invalid argument

simark · September 20, 2017, 8:12am

Use the user property in the bash resource

https://docs.chef.io/resource_bash.html

bash 'name' do
  code                       String
  creates                    String
  cwd                        String
  environment                Hash
  flags                      String
  group                      String, Integer
  notifies                   # see description
  path                       Array
  provider                   Chef::Provider::Script::Bash
  returns                    Integer, Array
  subscribes                 # see description
  timeout                    Integer, Float
  user                       String, Integer
  umask                      String, Integer
  action                     Symbol # defaults to :run if not specified
end

priyanshu · September 20, 2017, 11:36am

this user ‘oracle’ is not working in my case.

simark · September 20, 2017, 11:56am

Please provide detailed error information. If possible also the code you executed

priyanshu · September 20, 2017, 12:22pm

Is there a way that it is logging in i.e. switching in as oracle user but its not making the logon scripts to be active.

In my case i want a substitute of su - oracle but i think this user oracle is only the replacement of su oracle

priyanshu · September 20, 2017, 12:22pm

the error i mean to say is the complete path is not recognized and the file where it is present is not readable

simark · September 20, 2017, 12:35pm

Try the path and/or environment parameters in this same resource.
Also you could play with the execute resource
https://docs.chef.io/resource_execute.html

priyanshu · September 20, 2017, 2:09pm

execute resource has a constraint that only one command can be fired via one execute resource.

priyanshu · September 20, 2017, 2:10pm

where i am using execute resource… i have used su - oracle for that
but with bash i am writing su - oracle for each and every command inside bash resource as mentioned above
code <<-EOH
su - oracle -c "sqlplus -v > /oracle/local/log/softwareversion.txt"
su - oracle -c "df -h > /oracle/local/log/serverspace.txt"
su - oracle -c "free -g > /oracle/local/log/memoryspace.txt"
EOH

and can you tell how can i remove this error

stty: standard input: Invalid argument
stty: standard input: Invalid argument
stty: standard input: Invalid argument
stty: standard input: Invalid argument

priyanshu · September 21, 2017, 6:31am

#logs for space and memory availability
base = node[‘testcookbook’][‘ora_base’]

bash ‘check_space’ do
code <<-EOH
echo $USER > /tmp/env.lst
EOH
user 'oracle’
group 'dba’
end

Now this should give user as oracle but the result is root which means that user property of bash resource is not moving to oracle.
is it a bug??
because instead of using this if we use su - oracle -c “command” then it works fine

lkjangir · September 21, 2017, 6:11pm

it is unable to switch to user, seems it doesn’t have permission to do this.

Can you change the log-level to DEBUG and run the recipe again. then check if you can see any error or post it here.

priyanshu · September 21, 2017, 6:29pm

How to do that… how to change log level to debug mode

kkeane · September 23, 2017, 4:16pm

That “echo $user” command is not really proof of which user is running - it simply takes whatever is stored in the environment variable. I would assume that the bash resource inherits the environment from the chef run (much akin to what happens when you use “su oracle” rather than “su - oracle”).

If you really want to test, do this:

bash ‘test_root’ do
code <<-EOH
cat /root/.bashrc >/tmp/env.lst
EOH
user 'oracle’
group 'dba’
end

You should get a permission denied if this runs as user oracle, or success if it runs as user root.

Kevin Keane
Whom the IT Pros Call

Topic		Replies	Views
Can't seem to run command in bash resource as another user? Chef Infra (archive)	4	674	July 22, 2015
Oracle Cookbook Chef Infra (archive)	1	261	February 6, 2014
Run Chef in another user Chef Infra (archive)	2	406	August 13, 2014
Execute resource and sudo Chef Infra (archive)	3	913	March 11, 2011
Run entire chef recipe as 'ubuntu' user, not 'root' user Chef Infra (archive)	7	6763	April 5, 2016

How to switch user for a resource

Related topics