The Glassfish application server provides scripts to administer the application server and also start and stop them and I would like to restrict the root user from running this script. The reason is that some key developers forget to administer the server as the non-privileged user and if they restart the application server as the root user, then the application server has to run by the root user [*].
It isn't an option to avoid giving root access and the developers forget because they are so used to do this on their local machine. I would like the asadmin
script to either change to run as the non privileged user or optionally display an error message each time the script is run by root.
Bash shell is used.
[*]: I've tried to fix the rights on files, but even though I've tracked down lots of files which root owns and chmod them, the application experience strange errors and I have to run as root again.
Best Answer
Similar to the other answers, but in the direction you wanted.
Alternatively, you can use
sudo
within the script to force execution as the non-privileged user using the-u
flag to specify the user to run as. I don't use Glassfish, but here's a proto-example pseudo script.Hopefully you get the idea. Sorry I don't really know what the script looks like, or the name of the non-privileged user.