Usage of pbrun and different useraccount than root


#1

Hi All,

Generally we dont have root access on our linux machines and we have been provided Power Builder useraccounts with which we are installing required software in custom folder.
for e.g.
we want to install JIRA using system useraccount “syspankaj” in /app/custom/jira .(jira is owned by syspankaj.
We dont get password for syspankaj else my own useraccount “pimplep” will have pb access to syspankaj useraccount.
So to become syspankaj I need to run

pbrun -u syspankaj bash

once we execute above command we are becoming syspankaj user and execute our installations.

I am trying to do the same thing using chef and need help in achieving this.

Could anyone please help me with this?

Thanks and Regards,
Pankaj


#2

This isn’t something Chef directly supports, at least you won’t be able to use most of the core resources (package, template, etc). The best you can do is probably a lot of carefully written execute resources. This is totally workable, but you’ll lose out on the lot the benefits of Chef in terms of making convergent code easy to write, so maybe also consider other options.


#3

Thanks for the information.

In case I am getting syspankaj password and avoiding pbrun call, will that make condition more workable using chef?
The requirement will be using syspankaj useraccount to install software instead of root.
Please guide.

Thanks and Regards,

Pankaj


#4

Not really, the way Chef runs things as a specific user is a fork+setuid+exec (ignoring windows, just run with it). Doing that requires running as root. You can’t easily slot in an external setuid tool like su or sudo. Basically except in very specific situations (managing Mac workstations being the most common by leaps and bounds) you should expect to run chef-client or chef-solo as root and then tell it which users to run commands as.


#5

Hi,

Thanks for the help and guidance.

Thanks and Regards,
Pankaj