Date: Fri, 19 Feb 2016 10:57:39 +0000 From: Donald Kevin <export.toprank@gmail.com> To: freebsd-questions@FreeBSD.org, freebsd-doc@FreeBSD.org Subject: Sub-3D CAD Services - India Message-ID: <089e01229ed208178c052c1d5ab1@google.com>
next in thread | raw e-mail | index | archive | help
DQoqRGVhciBvd25lciBvZiBGcmVlYnNkLm9yZywqDQoNCipJIGFtIERvbmFsZCBLZXZpbi1CdXNp bmVzcyBNYW5hZ2VyIGZvciBDQUQgM0QgTW9kZWwgQ29tcGFueSBsb2NhdGVkIGluDQpJbmRpYS5P dXIgQ29tcGFueSBkYWlseSBjcmVhdGVzIHRoZSAzZCBtb2RlbHMgZnJvbSAyZCBEcmF3aW5ncywN ClBERi9TY2Fucy9za2V0Y2hlcy4gT3VyIENBRCBlbmdpbmVlcnMgbWFrZSBhY2N1cmF0ZSBkaW1l bnNpb25hbCAzZCBtb2RlbA0KYW5kIFByZXNlbnRhdGlvbiBjb25jZXB0IE1vZGVscy4qDQoNCipT ZW5kIHlvdXIgZmlsZXMgYnkgTWFpbCBvciBGVFAuKg0KKk91ciBFbmdpbmVlcnMgd29yayAyNC83 LioNCipXZSBhcmUgZXhwZXJ0cyBpbiBTb2xpZHdvcmtzL0ludmVudG9yL0F1dG9DQUQvQ1JFTyoN CipEZWxpdmVyeSBXaXRoaW4gMjQgSG91cnMqDQoqUGxlYXNlIHNlbmQgeW91ciBmaWxlcyBzbyB3 ZSBjYW4gZGVsaXZlciBzYW1wbGUgdG8gcmV2aWV3IG91ciBxdWFsaXR5IGFuZA0Kd2UgYXJlIGxv b2tpbmcgZm9yIGxvbmd0ZXJtIGJ1c2luZXNzIHBhcnRuZXJzaGlwLioNCipXZSBjaGFyZ2UgSG91 cmx5IDcuNSQgVVNEIHBlciBIb3VyIGZvciBDQUQgc2VydmljZXMuKg0KKldlIGNoYXJnZSA5NTAk IFVTRCBmb3IgQ0FEIEVuZ2luZWVyIG9uIE1vbnRobHkgYmFzaXMgd29yay4qDQoqV2UgYWNjZXB0 IFBheXBhbCBvciBCQU5LIHRyYW5zZmVyIHBheW1lbnQuKg0KDQoqTG9va2luZyBmb3IgbG9uZy10 ZXJtIGJ1c2luZXNzIGFzc29jaWF0aW9uIHNvIHBsZWFzZSByZXBseSB3aXRoIHlvdXINCnJlcXVp cmVtZW50IO+BiioNCipUaGFua3MhKg0KDQoqQmVzdCBSZWdhcmRzLCoNCipEb25hbGQgS2V2aW4q DQoqQnVzaW5lc3MgTWFuZ2VyKg0K From owner-freebsd-questions@freebsd.org Fri Feb 19 11:14:41 2016 Return-Path: <owner-freebsd-questions@freebsd.org> Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 33220AAD264 for <freebsd-questions@mailman.ysv.freebsd.org>; Fri, 19 Feb 2016 11:14:41 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx01.qsc.de (mx01.qsc.de [213.148.129.14]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C97331F24 for <freebsd-questions@freebsd.org>; Fri, 19 Feb 2016 11:14:40 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from r56.edvax.de (port-92-195-96-7.dynamic.qsc.de [92.195.96.7]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx01.qsc.de (Postfix) with ESMTPS id 4F0093CE5E; Fri, 19 Feb 2016 12:05:04 +0100 (CET) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id u1JB537T002177; Fri, 19 Feb 2016 12:05:03 +0100 (CET) (envelope-from freebsd@edvax.de) Date: Fri, 19 Feb 2016 12:05:03 +0100 From: Polytropon <freebsd@edvax.de> To: Yudi V <yudi.tux@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: minimize use of root account Message-Id: <20160219120503.fc97ef10.freebsd@edvax.de> In-Reply-To: <CACo--mv9qU2ZwtTuZRQBpioEr+enT=sd-SJ79BFumZt5aL18jg@mail.gmail.com> References: <CACo--mv9qU2ZwtTuZRQBpioEr+enT=sd-SJ79BFumZt5aL18jg@mail.gmail.com> Reply-To: Polytropon <freebsd@edvax.de> Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions <freebsd-questions.freebsd.org> List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>; List-Post: <mailto:freebsd-questions@freebsd.org> List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help> List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, <mailto:freebsd-questions-request@freebsd.org?subject=subscribe> X-List-Received-Date: Fri, 19 Feb 2016 11:14:41 -0000 On Fri, 19 Feb 2016 16:29:43 +1100, Yudi V wrote: > Hi all, > > currently I use the below script to load geli devices and import zpool. It > needs to be run as root. > how to run this script as normal user, is there a group that the user needs > to be part of? No, not for this task. There are different ways to do it. 1. You can set the script itself to "run as root" (chmod +s) when the script is owned by root:root. Regular users may then execute it. 2. Temporarily become root by using "su -" or ("su -m" if preferred) and execute the script. See "man su" for details. 3. Use a tool like "sudo" or "super". This is probably the better approach: "sudo <scriptname>". You need to install the program from ports / packages, it's not part of the OS. You could include the "sudo <something>" parts into the script as well, but that's probably not good practice. In order to "su root", your user needs to be part of the "wheel" group. Regular users are not permitted this increase of power. :-) > also when I have to shutdown/reboot, I need to run the command as root but > instead would like for the normal user to be able to shutdown and reboot. Make your user part of the "operator" group to be able to execute the "shutdown -p" and "shutdown -r" commands. Note that the "reboot" command may only be executed by root. > I posted this first on the forums but did not receive any relevant ans > yet. https://forums.freebsd.org/threads/55166/ > > appreciate if someone can answer my questions. > Code: > > ############### > #!/bin/csh -f Why?! There's a relevant article: "Csh Programming Considered Harmful" written by Tom Christiansen. https://www-uxsup.csx.cam.ac.uk/misc/csh.html I have written one (!) csh script and I still regret it, maybe because it still works. :-) On FreeBSD, the default shell script interpreter is /bin/sh. How about this? #!/bin/sh # attach geli containers geli attach /dev/label/dataE0 if [ $? -eq 0 ]; then geli attach /dev/label/dataE1 if [ $? -eq 0 ]; then # import zpool tank3 (on a 2-way mirror) zpool import tank3 # mount zfs datasets from tank3 zfs mount -a # start samba service samba_server restart else geli detach /dev/label/dataE0.eli echo "detached dataE0.eli" echo "failed to attach dataE1.eli, check your password." fi else echo "failed to attach dataE0.eli, check your password." fi There are probably more pleasant ways for the "error checking cascade". Indentation helps a lot. The "else" and "fi" appear in the same column like the "if" where they belong to; the "conditioned commands" are indented. Quotes around strings. Empty lines also increase readablilty. Just in case you might want to debug the script at some time, maybe 10 years in the future... ;-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?089e01229ed208178c052c1d5ab1>