Linux: Run a specific command as another user?

Question

I want to be able to allow users to run a specific command as another user, is this possible?

I have a script that reads a remote file through ssh to get a status, something like:

#!/usr/bin/sh

state=$(ssh -q -i $HOME/.ssh/id_rsa" auto@remote-host "[ -f /path/to/state/file ] && cat /path/to/state/file 2>/dev/null")

printf "${state}"

The auto user has a key setup so that it can login to the remote machine without a password. I want users to be able to run this script without needing to worry about setting up their own key, for example:

bob@local-machine$ /path/to/state-check

So, the bob user can run the script as the auto user without hassle. I know you can use something like

su auto -c "/path/to/state-check"

But that would still require access to the auto user's password or sudo. Is there a way to set up a file that allows bob to run specific commands as auto passwordless? Or should I redesign the tool so that the state files are fetched and stored locally? I'm not really sure of a good way to do this. I'm running this on RHEL 9 machines.

consider setting auto up as a service on the remote server instead of relying on ssh. — Jasen, Aug 12 '23 at 02:13
sudo and su can do this, while sudo can be restricted to Only allow one command — djdomi, Aug 12 '23 at 10:13
**1.** Simply remove `auto@` from your command line. `ssh` will use *logname* as user for connection. **2.** Or use `ssh ... $USER@...`. — F. Hauri - Give Up GitHub, Aug 13 '23 at 08:57

Linux: Run a specific command as another user?

0 Answers0