Edit the /etc/sudoers
file (use visudo
!) and add an entry that allows the shell user to have sufficient privileges to run a specific command, without having to enter a password. If you use a script, make sure the script cannot by edited by anyone but root.
In /etc/sudoers
, where shelluser
is the shell user name:
shelluser ALL=NOPASSWD: /usr/bin/clean-up-sftp-temp-directory
In a /usr/bin/clean-up-sftp-temp-directory
script, you can put something like:
#!/bin/sh
rm -f /home/sftpuser/will-be-deleted/*
After making the script executable, you should be able to call sudo clean-up-sftp-temp-directory
and add it to the shell user's crontab.
I generally use the automount
service for shares like this that I'll periodically want to mount and use. Setting this up, once you understand how, is fairly trivial.
Step #1 - setup automounting
You'll need to make sure that packages are installed. On CentOS 6 that would be autofs
. Most likely other distros will use a similar name. You'll then need to create the following files:
# /etc/auto.master
/mymountpt /etc/auto.mymountpt --timeout=600 --ghost
# /etc/auto.mymountpt
someshare -fstype=cifs,rw,noperm,netbiosname=${HOST},credentials=/etc/credentials.txt ://cifsserver/sharename
# /etc/credentials.txt
username=mydom\myuser
password=somepassword
You'll need to make the permissions on this last file like so:
$ sudo chmod 600 /etc/credentials.txt
You'll also need to make sure that NSS (Name Service Switch) is aware of this setup:
# /etc/nsswitch.conf
automount: files nisplus
With these files in place you should now be able to start the autofs
service.
$ sudo service autofs start
Step #2 - testing it out
Once the service has been started, you'll be able to access this path at will:
$ cd /mymountpt/someshare
The mounting of this share is now governed by autofs
which will watch for 600 seconds of inactivity, at which point it will unmount the share.
This approach may seem a bit heavy handed but by doing things this way, you've alleviated your system from having to be dependent on a particular CIFS share as being available at boot. You've moved it so that it's now on demand when it's actually being used.
What to do if you don't have root login?
If you find you don't have these packages installed and aren't able to install them then your options become far fewer.
I would take a look at the Samba article in the ArchLinux Wiki, it covers other methods as well. You could also make use of FUSE to mount a variety of types of media as local directories, including SMB/CIFS. This is covered in the FUSESmb article on the Ubuntu Wiki.
References
Best Answer
To avoid showing the password on the command where other users can see it with
ps
, you should not pass the password in the command. It's why many utilities don't support passwords as command line arguments.Instead store your password in a
~/.netrc
file and pass the-n
option to curl.For the details of file syntax, I let you see the man of curl.