Is there a way in FreeBSD to (being root) run a command as unprivileged user, like nobody? Kind of like reverse of sudo. Oh and considering that 'nobody' has /usr/sbin/nologin as shell - so su is not an option.
Asked
Active
Viewed 2.5k times
2 Answers
66
You can su to an account with the nologin shell if you use the -m option.
Example:
su -m cthulhu -c '/usr/bin/scorpion-stare'
will run the SCORPION STARE command-line utility as the user cthulhu.
Brad Ackerman
- 1,886
- 1
- 14
- 11
-
11+1 because this is an answer that does NOT require the installation of an extra binary! And works out of the box. – gamecreature Jul 21 '11 at 20:21
-
What is the -c for? – Chris May 13 '17 at 16:58
-
@Chris That tells it what command you want to run as that user. – Kris Anderson Feb 18 '18 at 22:54
-
1@KrisAnderson This is not true. `-c` is not [su(1)](https://www.freebsd.org/cgi/man.cgi?su) flag. The first argument which is not recognised by su(1) is the first argument passed to sh(1). So effectively you get `sh -c '/usr/bin/scorpion-stare'`. See [sh(1)](https://www.freebsd.org/cgi/man.cgi?sh) for details. – Mateusz Piotrowski Jun 09 '18 at 21:18
25
sudo will allow you to run a command as another user.
sudo -u nobody <command>
will run as nobody, even if their login shell is not available.
DrStalker
- 9,061
- 17
- 43
- 47
-
-
12Note that `sudo` is a Port (`security/sudo` in the Ports tree), not in the distribution as default. – jj1bdx Apr 05 '12 at 07:35