Solved

run login scripts as root

Posted on 2013-06-10
13
406 Views
Last Modified: 2014-01-14
I have 2 login scripts. I need script1 to run if user1 logs in and script 2 to run if user2 logs in.

I believe I need to create a .plist file in the ~/Library/Launchagents folders of each user calling their respective scripts. Is this true.?

Also, the commands within the script have to be run as root.

how can user1 and user2 run the scripts as root..?

Many thanks in advance..

Mat
0
Comment
Question by:matedwards
13 Comments
 
LVL 10

Expert Comment

by:Sam Simon Nasser
ID: 39234988
try this


    When Bash starts, it executes the commands in a variety of different scripts.

    When Bash is invoked as an interactive login shell, it first reads and executes commands from the file /etc/profile, if that file exists. After reading that file, it looks for ~/.bash_profile, ~/.bash_login, and ~/.profile, in that order, and reads and executes commands from the first one that exists and is readable.

    When a login shell exits, Bash reads and executes commands from the file ~/.bash_logout, if it exists.

    When an interactive shell that is not a login shell is started, Bash reads and executes commands from ~/.bashrc, if that file exists. This may be inhibited by using the --norc option. The --rcfile file option will force Bash to read and execute commands from file instead of ~/.bashrc.

http://stackoverflow.com/questions/97137/how-do-you-run-a-script-on-login-in-nix
0
 
LVL 23

Expert Comment

by:nemws1
ID: 39235044
You are correct - you want to use Launchagent.  I'm at work with an older Mac (10.4), so I can't test/show you how to do this until this evening.  Hopefully another expert can show you how to do this sooner.
0
 
LVL 62

Expert Comment

by:gheist
ID: 39242795
Can you explain what root part of script will do? Maybe that can be done without root privileges.
Normally "man visudo" explains how to run commands and what to type in visudo
0
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

 

Author Comment

by:matedwards
ID: 39344832
Apolgies for the lateness..
I need the scripts to move some files out of the System folder disabling Spell Check in TextEdit. The plist files in Launchagents initiate the scripts but I keep getting a Permssion Denied error and the files aren't moved. I have added this line in the visudo file

user1 ALL=(ALL) NOPSSWD:ALL or

but I'm still getting the Permission Denied error..

many thanks for the help..

Mat
0
 
LVL 62

Expert Comment

by:gheist
ID: 39346066
Not really
user1 ALL=(ALL) NOPSSWD:ALL or

Should be
user1 ALL=(ALL) NOPASSWD: ALL
0
 

Author Comment

by:matedwards
ID: 39347445
thanks gheist.. tried that.. no luck.. also tried..

user1 ALL=(ALL) NOPASSWD: /path/to/script

thanks again
0
 
LVL 62

Expert Comment

by:gheist
ID: 39348699
Run the script via bash -x
sudo should show some error if command line is one-off


Normally you override system preference with editing plist under same name in users preference directory, not deleting the system files.
0
 

Author Comment

by:matedwards
ID: 39482891
The script runs with no problems from the bash shell..  for example ./script

It only fails when run at login by the Launchagent.

regards

Mat
0
 
LVL 62

Expert Comment

by:gheist
ID: 39488006
Do you read what I wrote here? You can override system plists per-user. No unix involved.
0
 

Author Comment

by:matedwards
ID: 39525083
If User1 logs in Script1 moves three files out of /System to disable SpellCheck in TextEdit..

/System/Library/Coreservices/CarbonSpellChecker.bundle
/System/Library/Services/Applespell.Service
/System/Library/Spelling

If User2 logs in Script2 moves them back to enable Spellcheck in TextEdit

How can this be done in system plist per-user..?
0
 
LVL 62

Expert Comment

by:gheist
ID: 39525658
0
 

Accepted Solution

by:
matedwards earned 0 total points
ID: 39767616
Cannot get this to work.. I know it should be possible with Launchagent and elevated privileges.. closing question..
0
 

Author Closing Comment

by:matedwards
ID: 39778736
No solution
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Set up iPhone and iPad email signatures to always send in high-quality HTML with this step-by step guide.
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question