ddwrt add user / run command as user
Published by SAGAN Jacques De on October 24th, 2014
Take a tip from the Optware Samba configuration wiki page and add this command to your router startup commands and/or scripts:
grep -q FTPuser /tmp/etc/passwd || echo "FTPuser:*:65533:65533:FTP users:/var:/bin/false" >> /tmp/etc/passwd
Replace the string "FTPuser" (twice!) with whatever you want for an FTP user name.
The first 65533 is the system user ID (UID) and the second one is the system group ID (GID). The * represents the password.
Example:
man:x:6:12:man:/opt/man:/opt/bin/sh
Run command as another user
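Running a command as a different user: one use case is to combine it with the --uid-owner option of the iptables xt_owner module, so that a specific process gets an fwmark for policy routing.
I tried installing sudo from OPTW2, but because the ddwrt system partition is not writable and the sudo configuration file must be /etc/sudoers, it does not work properly.
After some searching, the start-stop-daemon in OPTW2 can be used instead:
start-stop-daemon -c man -S -x
-c USER[:GROUP] runs the command as the specified user / group.
(Note: the start-stop-daemon in ddwrt OPTW2 takes different options from the one on standard Debian-based Linux.)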
------------------------------
Usage: start-stop-daemon [OPTIONS] [-S|-K] ... [-- ARGS...]
Search for matching processes, and then
-K: stop all matching processes.
-S: start a process unless a matching process is found.
Process matching:
-u USERNAME|UID Match only this user's processes
-n NAME Match processes with NAME
in comm field in /proc/PID/stat
-x EXECUTABLE Match processes with this command
command in /proc/PID/cmdline
-p FILE Match a process with PID from the file
All specified conditions must match
-S only:
-x EXECUTABLE Program to run
-a NAME Zeroth argument
-b Background
-c USER[:[GRP]] Change to user/group
-m Write PID to the pidfile specified by -p
-K only:
-s SIG Signal to send
-t Match only, exit with 0 if a process is found
Other:
-q Quiet
------------------------------
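A stricter version of the passwd one-liner above, together with the --uid-owner marking it is meant to support, as an added example that is not part of the original post. The function names add_passwd_entry and mark_rules, the mark value 1 and the table number 100 are assumptions; the example goes beyond the one-liner by validating the name and refusing a duplicate or zero UID.

```shell
#!/bin/sh
# Added example, not from the original post. POSIX sh (works in BusyBox ash).

# add_passwd_entry FILE NAME UID GID
# Append a no-login account unless NAME exists. Returns 1 if the request is rejected.
add_passwd_entry() {
    file=$1 name=$2 uid=$3 gid=$4
    # A ':' or newline in the name would inject extra passwd fields or lines.
    case $name in
        ''|*[!A-Za-z0-9_-]*) echo "bad user name" >&2; return 1 ;;
    esac
    for id in "$uid" "$gid"; do
        case $id in
            ''|*[!0-9]*) echo "bad uid/gid" >&2; return 1 ;;
        esac
    done
    # Never create a second UID-0 (root-equivalent) account.
    [ "$uid" -ne 0 ] || { echo "refusing UID 0" >&2; return 1; }
    # Match the first field exactly; a bare "grep NAME" also hits NAME2.
    if grep -q "^$name:" "$file" 2>/dev/null; then
        return 0
    fi
    # A shared UID would make --uid-owner rules match both accounts.
    if cut -d: -f3 "$file" 2>/dev/null | grep -qx "$uid"; then
        echo "uid $uid already in use" >&2; return 1
    fi
    echo "$name:*:$uid:$gid:service account:/var:/bin/false" >> "$file"
}

# mark_rules USER MARK TABLE
# Print (do not run) the rules that mark USER's traffic and route it via TABLE.
# MARK and TABLE are values chosen by the caller.
mark_rules() {
    echo "iptables -t mangle -A OUTPUT -m owner --uid-owner $1 -j MARK --set-mark $2"
    echo "ip rule add fwmark $2 table $3"
}

# Demo on a constructed passwd file (on the router: /tmp/etc/passwd).
demo=${TMPDIR:-/tmp}/passwd.demo.$$
printf 'root:x:0:0:root:/tmp/root:/bin/sh\nFTPuser2:*:65532:65532:x:/var:/bin/false\n' > "$demo"
add_passwd_entry "$demo" FTPuser 65533 65533   # added despite FTPuser2 being present
add_passwd_entry "$demo" FTPuser 65533 65533   # second call changes nothing
mark_rules FTPuser 1 100
rm -f "$demo"
```

The printed rules still need a default route in the chosen table before marked traffic goes anywhere different.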