Solved Run as different user under FreeBSD

W

wasyl

Hi,

Is there a way in FreeBSD to (being root) run a command as unprivileged user, like nobody? Kind of like reverse of sudo. Oh and considering that 'nobody' has /usr/sbin/nologin as shell - so su is not an option.

Thank you.
 
sudoers
Code: 
root    ALL=(www) NOPASSWD: /usr/bin/id

grep www /etc/passwd
Code: 
www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin

# sudo -u www id
Code: 
uid=80(www) gid=80(www) groups=80(www)
 
Excellent hint from DutchDaemon.

Let me add a little tip and a small correction: Some people like myself are annoyed by having to have daemons like polkit (and other systemd or Freedesktop friends) running basically for little more than reboot/shutdown without a password.

Code: 
you ALL = NOPASSWD: /sbin/shutdown,/sbin/poweroff
in sudoers does the trick (where you is obviously your username). simply calling, for instance, sudo shutdown -r now in your window manager's menu will reboot your system without polkit (which basically does something like sudo but with sh*loads of crap and XML and a daemon). Great for Openbox and other minimalist window managers.

Note the order. The first item is the user (or group) for whom the given entry shall be valid (that's the correction. root evidently doesn't need to sudo and if he likes to, say, to downgrade, he won't need a password anyway). The next item (here "ALL" is he host; usually you'll just leave it at "ALL"). The next item would be the "target user" as whom to run, something like "(www)" which isn't needed if that user is root and the last item is one or more (comma separated) commands with an optional tag: like NOPASSWD in front.

Finally, a reminder: you must use visudo to edit sudoers!
 
Last edited:
You must log in or register to reply here.
Back
Top