Created
April 5, 2009 01:36
-
-
Save peterc/90347 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
# runas - Run another program under the privileges of a specified user and group. | |
# This is necessary because sudo demands a password, as we need it to be hands off. | |
# A poor man's suexec basically. | |
require 'etc' | |
user, group, cmd = ARGV | |
begin | |
uid = Etc.getpwnam(user).uid | |
gid = Etc.getgrnam(group).gid | |
unless Process.euid == uid && Process.egid == gid | |
Process.initgroups(user, gid) | |
Process::GID.change_privilege(gid) | |
Process::UID.change_privilege(uid) | |
end | |
exec cmd | |
rescue | |
puts "Could not run as #{user}:#{group}" | |
exit 1 | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment