How to run command as user who has /usr/sbin/nologin as Shell?

All I need to do is to run a specific script as a particular user who does have the nologin/false shell indicated in /etc/passwd.

I would run the script as root and this should run as another user. Running:

~# su -c "/bin/touch /tmp/test" testuser

would work, but I need a valid shell for the testuser. I know I can disable the password with passwd -d testuser and leave the shell to /bin/bash this way would secure a little bit but I need to have nologin/false shell.

Basically what I need is what crontab does when we set jobs to be running as a particular user, regardless this one has nologin/false shell.

p.s I found this thread Executing a command as a nologin user, but I have no idea how to concatenate the command su -s /bin/sh $user to the script I need to run.

Solution 1:

You can use the -s switch to su to run a particular shell

su -s /bin/bash -c '/path/to/your/script' testuser

(Prepend sudo to the above if testuser is a passwordless user.)

Solution 2:

You can do this with sudo -u if you have it installed:

# whoami
root
# sudo -u apache whoami
apache
# getent passwd apache
apache:x:48:48:Apache:/var/www:/sbin/nologin

Solution 3:

By providing the script as the argument to execute to /bin/sh:

su -s "/bin/sh /your/script/location" username

Solution 4:

just realized :

su -s "/bin/bash" -c "/bin/touch /tmp/testuser" testuser

maybe there is a better way ?!