| 1 |
On 13/07/2016 18:42, wabe wrote: |
| 2 |
> Fernando Rodriguez <cyklonite@×××××.com> wrote: |
| 3 |
> |
| 4 |
>> -----BEGIN PGP SIGNED MESSAGE----- |
| 5 |
>> Hash: SHA256 |
| 6 |
>> |
| 7 |
>> On 07/13/2016 07:10 AM, Alan McKinnon wrote: |
| 8 |
>>> On 12/07/2016 03:47, jens w wrote: |
| 9 |
>>>> .procmailrc |
| 10 |
>>>> :0 c |
| 11 |
>>>> * !^X-Loop: name@×××××××.com |
| 12 |
>>>> | formail -X "From:" | $HOME/bin/script.sh |
| 13 |
>>>> |
| 14 |
>>>> procmail.log |
| 15 |
>>>> procmail: Executing " formail -X "From:" | $HOME/bin/script.sh |
| 16 |
>>>> |
| 17 |
>>>> for incoming mail, a script is executed. logfile has the same |
| 18 |
>>>> entry as it is in other users. but the script do nothing. |
| 19 |
>>>> |
| 20 |
>>>> How executing a command as a nologin user? |
| 21 |
>>>> |
| 22 |
>>> |
| 23 |
>>> |
| 24 |
>>> You can't, not the way you are doing it. |
| 25 |
>>> You want to launch a shell script for the user, but the user's |
| 26 |
>>> shell is /sbin/nologin. This exits immediately without launching |
| 27 |
>>> the script. |
| 28 |
>>> |
| 29 |
>>> Give the user a real shell. |
| 30 |
>>> |
| 31 |
>>> Alan |
| 32 |
>>> |
| 33 |
>> |
| 34 |
>> I've been following this thread and thinking the same thing but |
| 35 |
>> wasn't sure. |
| 36 |
> |
| 37 |
> I don't think so. To proof it, I created this user: |
| 38 |
> |
| 39 |
> nologinuser:x:1015:1016::/home/nologinuser:/sbin/nologin |
| 40 |
> |
| 41 |
> Then I created this script: |
| 42 |
> |
| 43 |
> #!/bin/sh |
| 44 |
> # |
| 45 |
> date >> /home/nologinuser/envars.txt |
| 46 |
> echo $HOME >> /home/nologinuser/envars.txt |
| 47 |
> echo $PATH >> /home/nologinuser/envars.txt |
| 48 |
> echo "-----------------------" >> /home/nologinuser/envars.txt |
| 49 |
> |
| 50 |
> I stored it as /var/script-nologinuser/testscript.sh. I had to store |
| 51 |
> it at this place because /home is mounted with the noexec option on |
| 52 |
> my system. |
| 53 |
> |
| 54 |
> |
| 55 |
> Then I created a cronjob for the nologinuser user: |
| 56 |
> |
| 57 |
> */2 * * * * /var/script-nologinuser/testscript.sh |
| 58 |
> |
| 59 |
> |
| 60 |
> The result is the file /home/nologinuser/envars.txt with this |
| 61 |
> content: |
| 62 |
> |
| 63 |
> Wed Jul 13 18:10:01 CEST 2016 |
| 64 |
> /home/nologinuser |
| 65 |
> /usr/bin:/bin |
| 66 |
> ----------------------- |
| 67 |
> Wed Jul 13 18:12:01 CEST 2016 |
| 68 |
> /home/nologinuser |
| 69 |
> /usr/bin:/bin |
| 70 |
> ----------------------- |
| 71 |
> |
| 72 |
> |
| 73 |
> The ownership and the rights for /home/nologinuser/, |
| 74 |
> /var/script-nologinuser/ and /var/script-nologinuser/testscript.sh |
| 75 |
> are nologinuser:nologinuser and 700. |
| 76 |
> |
| 77 |
> So it seems, that it is possible to execute scripts without setting |
| 78 |
> a shell in /etc/passwd. |
| 79 |
> |
| 80 |
> I don't know why it doesn't work for jens w. |
| 81 |
|
| 82 |
|
| 83 |
Not so. Your script is launched by cron, running as root. It starts a |
| 84 |
non-interactive no-login shell (that's why people have infernal trouble |
| 85 |
with cron, assuming it has a $PATH when it actually has none) |
Archives