Open utterances-bot opened 3 months ago
Great blog! One very strange thing I've noticed even after setting the ENV vars, was that the command I was trying to run, did not recognize the target user's true primary group and secondary groups, even though everything was set properly in /etc/group
and /etc/passwd
.
Long story short, after more time than I'd like to admit, I just ended up doing the following:
execute 'correct_user_switch' do
command "su - otheruser -c \"cd && pwd\""
notifies :run, 'execute[finally-works-message]', :immediately
end
Chef: Properly run a resource with alternate credentials (user/group) – Saverio Miroddi – 64K RAM SYSTEM 38911 BASIC BYTES FREE
Chef users, more or less frequently, run a resource with alternate credentials (user/group). This is easily done by configuring the user/group property of the resource, however, this is only part of the picture.
Setting only those two attribute will, in some cases, cause the resource to run with unexpected environment values, leading to subtly broken system configurations.
In this article, I’ll explain why and how to properly run a resource with alternate credentials.
Content:
The problem Reviewing the cause, and the issue details Solution Conclusion
https://saveriomiroddi.github.io/Chef-properly-run-a-resource-as-alternate-user/