We have couple of scripts made for our environment (which is Oracle Virtulisation ) .
Each script is assigned a different task .
Some of the scripts are meant to run on centralized server for monitoring other Servers resource utilization such as CPU,Storage.
While some are meant to run on Server for getting server specific jobs.
Almost all scripts run using root credentials.
The script which takes output from other servers .
I have used ssh password less login using rsa keygen generated for root.
have below queries regarding the environment.
1)Will it be a good idea to make a rpm out of those scripts and maintain a version control.
2)How do i avoid root usage ?
As the environment is build on xen virtual technology and most commands only run using root.
Many resource utilization tools require at least read access to system files (like /dev/kmem) and as such must be run with root privileges.
It would probably be best to run the core script/program as a unprivileged user and escalate to root access only when its needed (sudo is a great tool for this).
if you got 'permission denied' messages while doing a
$ find / ...whatever...
as an unprivileged user - then your system is at least well-behaved (it would be a sad surprise otherwise) ...
when you descend all the way down from the top (that is - "/") , it's only natural that you stumble upon some unreadable directories ... that's the whole idea ;
if you really want to scan you entire system without the the hassle, then you need to run this kind of `find' as root ;
and BTW - the sudoers file can only be of help to you if you set up your 'unprivileged' user to run `find' as root ;
HTH
good luck, and success !
_______________________________________
alexandre botao (progsmith, polymath, ideator)
"comets never dodge"
I'd avoid opening up /bin/find to execute as root from an unprivleged account. Find can, thru the --exec option, run other commands which will also be run as root.
Your best bet here is to create a script eg /usr/local/bin/find_img_files with 600 access and root owner:
#!/bin/sh
/usr/bin/find / -name "*.img" -type f -print
And allow only this script to be run as root by the "unpriv" user: