Hi,
Is it possible to call newgrp or sg from user mode without password prompt in a Linux script?
Thank you.
hce
sg actually executes login, newgrp does the same. The password you have to enter is in the /etc/gshadow file.
If this is really important you will have to write a C program that calls setgid() or setegid() and then calls exec()/fork() into a new process. The program will have to be marked with setgid, special file permissions mask.
If you really need this, then we can put up an example C program for you. You will need root access to get it working. It also makes a potentially big security hole.
The sudo command is ideal for this type of thing, you can run commands or a shell as another group with or without password prompts. You system admin can limit access to particular command(s) from certain users or group.
example:
sudo -g other_grp /usr/local/bin/somecmd
/etc/sudoers entry to allow user hce to execute /usr/local/bin/somecmd as group other_grp without password:
hce ALL=(:other_grp) NOPASSWD: /usr/local/bin/somecmd
You could even put something in your somecmd script to check group and execute it's self with sudo:
GRP=$(id -gn)
if [ "$GRP" != "other_grp" ]
then
exec sudo -u other_grp $0 $@
fi