From fef328bb7b412722e0a6f9646c1f4fc66e3b392b Mon Sep 17 00:00:00 2001 From: Evgeni Golov Date: Thu, 21 Sep 2023 09:44:00 +0200 Subject: [PATCH] Fixes #36767 - use runuser instead of su to run rake foreman-rake is designed to be run as root (and switch to foreman) or by foreman directly. any other user can't use it as it is installed in sbin and the foreman user has no password set, making switching users as non root impossible, but su will still try it: [nobody@foreman /]$ su foreman -s /bin/bash -c id Password: [nobody@foreman /]$ foreman-rake console Password: runuser is designed to be used in scripts and refuses to work as non root: [nobody@foreman /]$ runuser foreman -s /bin/bash -c id runuser: may not be used by non-root users [nobody@foreman /]$ foreman-rake console runuser: may not be used by non-root users --- script/foreman-rake | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/script/foreman-rake b/script/foreman-rake index cfd462820c0..6340b40612d 100755 --- a/script/foreman-rake +++ b/script/foreman-rake @@ -15,5 +15,5 @@ if [ $# -eq 0 ]; then elif [ "$USERNAME" = foreman ]; then RUBYOPT=-W0 RAILS_ENV=production $CMD "$@" else - su foreman -s /bin/bash -c 'RUBYOPT=-W0 RAILS_ENV=production "$0" "$@"' -- $CMD "$@" + runuser - foreman -s /bin/bash -c 'RUBYOPT=-W0 RAILS_ENV=production "$0" "$@"' -- $CMD "$@" fi