2018-10-27
sudox (sudo for X) is a Bash script that executes commands under X in UNIX and LINUX on behalf of another user using sudo. It provides the necessary privileges using xauth over a pipe. I use it for example to execute firefox as a different user with low privileges.
Usage:
> sudox -u <other_user> <command>Example:
> sudox -u mynobody firefoxsudox has the same function than the discontinued sux command that was distributed formely as a package in Debian and Ubuntu.
Installation:
To avoid that sudox is asking you for a password twice, consider adding a line like %users LOCAL=(mynobody) NOPASSWD:ALL to /etc/sudoers.
Create a file /usr/local/bin/sodux with the following content:
if [ $# -lt 3 ] || [ $1 != "-u" ]
then echo "usage: `basename $0` -u <clientuser> <command>" >&2
exit 2
fi
shift
CLIENTUSER="$1"
CLIENTHOME=$(grep "^$CLIENTUSER:" /etc/passwd|cut -d: -f 6)
shift
# FD 4 becomes stdin too
exec 4>&0
xauth -b nlist "$DISPLAY" | {
# FD 3 becomes xauth output
# FD 0 becomes stdin again
# FD 4 is closed
exec 3>&0 0>&4 4>&-
exec /usr/bin/sudo -H -u "$CLIENTUSER" \
/usr/bin/xauth -f "$CLIENTHOME"/.Xauthority nmerge - <&3
}
exec echo "env DISPLAY=$DISPLAY XAUTHORITY=${CLIENTHOME}/.Xauthority $*" \
| sudo -i -u "$CLIENTUSER"References:
What is a good alternative to the sux command?
secbak and secrest are scripts that uses afio a cpio replacement for assembling files to an archive. The scripts implements incremental multi-volume backups and restore. Unlike with tar, files are compressed individually and can be optionally encrypted. This makes the archive more robust in case of read errors.
publish_only_PUBLIC_subtrees.sh is a Bash script that reconstructs parts of a UNIX or LINUX directory tree using symbolic links. I use it in order to to collect selected assets of my hard disk on a web server. Only files and directories within folders named PUBLIC are published.
First we rebuild the directory structure of SOURCEROOT under DESTROOR. Our leaves will be all parent directories containing a directory named PUBLIC:
#echo -e \\n \\n Base of new tree is $DESTROOT
cd "$SOURCEROOT"
find -L . -name "PUBLIC" -type d -prune -print0 \
|sed -e 's/\PUBLIC//g' \
|xargs -0 -i{} mkdir --parents "$DESTROOT/{}"
#we need -prune to cope with nested PUBLIC dirsThen link everything inside the PUBLIC directory into the above created leaves. This uses nested find commands and symbolic links:
cd "$SOURCEROOT"
find -L . -name "PUBLIC" -type d -prune -print0 \
|sed -e 's/\/PUBLIC//g' \
|xargs -0 -i{2} find "$SOURCEROOT/{2}/PUBLIC/" -mindepth 1 -maxdepth 1 \
-exec ln -s "{}" "$DESTROOT/{2}" \;
# we need -prune to cope with nested PUBLIC dirsThe resulting tree only contains braches where the original tree SOURCEROOT has PUBLIC directories, while ommitting them in the copy in DESTROOT.
lnr -s is a Bash script which creates symbolic links with the same syntax as the UNIX command ln -s. Unlike ln -s it searches the shortest relative path between the source and destination and creates the link with a relative path. Most of the time symbolic links are very short in distance and used mainly to reduce redundancy. The advantage of relative symbolic links is that whole branches can be moved without breaking links. If you do so, please make sure that branch you want to move does not does not contain relative links pointing outside the moving branch.
The scripts are packed in an zip-archive you can download here.