A collection of Bash scripts

Jens Getreu


1 Description

1.1 Execute a command as another user with: sudox

sudox (sudo for X) is a Bash script that executes commands under X in UNIX and LINUX on behalf of another user using sudo. It provides the necessary privileges using xauth over a pipe. I use it for example to execute firefox as a different user with low privileges.


> sudox -u <other_user> <command>


> sudox -u mynobody firefox

sudox has the same function than the discontinued sux command that was distributed formely as a package in Debian and Ubuntu.


To avoid that sudox is asking you for a password twice, consider adding a line like %users LOCAL=(mynobody) NOPASSWD:ALL to /etc/sudoers.

Create a file /usr/local/bin/sodux with the following content:

if  [ $# -lt 3 ] || [ $1 != "-u" ] 
then echo "usage: `basename $0` -u <clientuser> <command>" >&2
     exit 2

CLIENTHOME=$(grep "^$CLIENTUSER:" /etc/passwd|cut -d: -f 6)

# FD 4 becomes stdin too
exec 4>&0

xauth -b nlist "$DISPLAY" | {

    # FD 3 becomes xauth output
    # FD 0 becomes stdin again
    # FD 4 is closed
    exec 3>&0 0>&4 4>&-

    exec /usr/bin/sudo -H -u "$CLIENTUSER" \
          /usr/bin/xauth -f "$CLIENTHOME"/.Xauthority nmerge - <&3 

exec echo "env DISPLAY=$DISPLAY XAUTHORITY=${CLIENTHOME}/.Xauthority $*" \
    | sudo  -i -u "$CLIENTUSER"


Remote X Apps mini-HOWTO

What is a good alternative to the sux command?

1.2 Incremental encrypted backups with: afio, secbak and secrest

secbak and secrest are scripts that uses afio a cpio replacement for assembling files to an archive. The scripts implements incremental multi-volume backups and restore. Unlike with tar, files are compressed individually and can be optionally encrypted. This makes the archive more robust in case of read errors.

1.3 Publish only sub-trees tagged as: PUBLIC

publish_only_PUBLIC_subtrees.sh is a Bash script that reconstructs parts of a UNIX or LINUX directory tree using symbolic links. I use it in order to to collect selected assets of my hard disk on a web server. Only files and directories within folders named PUBLIC are published.

First we rebuild the directory structure of SOURCEROOT under DESTROOR. Our leaves will be all parent directories containing a directory named PUBLIC:

#echo -e \\n \\n Base of new tree is $DESTROOT 
find  -L . -name "PUBLIC" -type d -prune -print0 \
     |sed  -e 's/\PUBLIC//g' \
     |xargs -0 -i{} mkdir --parents "$DESTROOT/{}"
#we need -prune to cope with nested PUBLIC dirs

Then link everything inside the PUBLIC directory into the above created leaves. This uses nested find commands and symbolic links:

find -L . -name "PUBLIC" -type d  -prune -print0 \
    |sed -e 's/\/PUBLIC//g' \
    |xargs -0 -i{2}  find  "$SOURCEROOT/{2}/PUBLIC/" -mindepth 1 -maxdepth 1 \
        -exec  ln -s "{}" "$DESTROOT/{2}" \;
#  we need -prune to cope with nested PUBLIC dirs

The resulting tree only contains braches where the original tree SOURCEROOT has PUBLIC directories, while ommitting them in the copy in DESTROOT.

lnr -s is a Bash script which creates symbolic links with the same syntax as the UNIX command ln -s. Unlike ln -s it searches the shortest relative path between the source and destination and creates the link with a relative path. Most of the time symbolic links are very short in distance and used mainly to reduce redundancy. The advantage of relative symbolic links is that whole branches can be moved without breaking links. If you do so, please make sure that branch you want to move does not does not contain relative links pointing outside the moving branch.

2 Download

The scripts are packed in an zip-archive you can download here.