Solved

run login scripts as root

Posted on 2013-06-10
13
403 Views
Last Modified: 2014-01-14
I have 2 login scripts. I need script1 to run if user1 logs in and script 2 to run if user2 logs in.

I believe I need to create a .plist file in the ~/Library/Launchagents folders of each user calling their respective scripts. Is this true.?

Also, the commands within the script have to be run as root.

how can user1 and user2 run the scripts as root..?

Many thanks in advance..

Mat
0
Comment
Question by:matedwards
13 Comments
 
LVL 10

Expert Comment

by:Sam Simon Nasser
ID: 39234988
try this


    When Bash starts, it executes the commands in a variety of different scripts.

    When Bash is invoked as an interactive login shell, it first reads and executes commands from the file /etc/profile, if that file exists. After reading that file, it looks for ~/.bash_profile, ~/.bash_login, and ~/.profile, in that order, and reads and executes commands from the first one that exists and is readable.

    When a login shell exits, Bash reads and executes commands from the file ~/.bash_logout, if it exists.

    When an interactive shell that is not a login shell is started, Bash reads and executes commands from ~/.bashrc, if that file exists. This may be inhibited by using the --norc option. The --rcfile file option will force Bash to read and execute commands from file instead of ~/.bashrc.

http://stackoverflow.com/questions/97137/how-do-you-run-a-script-on-login-in-nix
0
 
LVL 23

Expert Comment

by:nemws1
ID: 39235044
You are correct - you want to use Launchagent.  I'm at work with an older Mac (10.4), so I can't test/show you how to do this until this evening.  Hopefully another expert can show you how to do this sooner.
0
 
LVL 61

Expert Comment

by:gheist
ID: 39242795
Can you explain what root part of script will do? Maybe that can be done without root privileges.
Normally "man visudo" explains how to run commands and what to type in visudo
0
 

Author Comment

by:matedwards
ID: 39344832
Apolgies for the lateness..
I need the scripts to move some files out of the System folder disabling Spell Check in TextEdit. The plist files in Launchagents initiate the scripts but I keep getting a Permssion Denied error and the files aren't moved. I have added this line in the visudo file

user1 ALL=(ALL) NOPSSWD:ALL or

but I'm still getting the Permission Denied error..

many thanks for the help..

Mat
0
 
LVL 61

Expert Comment

by:gheist
ID: 39346066
Not really
user1 ALL=(ALL) NOPSSWD:ALL or

Should be
user1 ALL=(ALL) NOPASSWD: ALL
0
 

Author Comment

by:matedwards
ID: 39347445
thanks gheist.. tried that.. no luck.. also tried..

user1 ALL=(ALL) NOPASSWD: /path/to/script

thanks again
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 61

Expert Comment

by:gheist
ID: 39348699
Run the script via bash -x
sudo should show some error if command line is one-off


Normally you override system preference with editing plist under same name in users preference directory, not deleting the system files.
0
 

Author Comment

by:matedwards
ID: 39482891
The script runs with no problems from the bash shell..  for example ./script

It only fails when run at login by the Launchagent.

regards

Mat
0
 
LVL 61

Expert Comment

by:gheist
ID: 39488006
Do you read what I wrote here? You can override system plists per-user. No unix involved.
0
 

Author Comment

by:matedwards
ID: 39525083
If User1 logs in Script1 moves three files out of /System to disable SpellCheck in TextEdit..

/System/Library/Coreservices/CarbonSpellChecker.bundle
/System/Library/Services/Applespell.Service
/System/Library/Spelling

If User2 logs in Script2 moves them back to enable Spellcheck in TextEdit

How can this be done in system plist per-user..?
0
 
LVL 61

Expert Comment

by:gheist
ID: 39525658
0
 

Accepted Solution

by:
matedwards earned 0 total points
ID: 39767616
Cannot get this to work.. I know it should be possible with Launchagent and elevated privileges.. closing question..
0
 

Author Closing Comment

by:matedwards
ID: 39778736
No solution
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Information security is a multi-billion dollar industry. Just as lucrative is the black market industry which trades stolen identities, credit card numbers and software exploits all over the world. Nothing is hack-proof. The best one can do is make …
iCloud Drive was introduced after iOS 8 was launched last year. This drive is Apple’s online storage device that lets users sync their files and access them from all their Apple devices.   There is a lot of data that is not automatically backed up…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now