From owner-freebsd-questions  Fri Jun 27 07:46:54 1997
Return-Path: <owner-questions>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id HAA24386
          for questions-outgoing; Fri, 27 Jun 1997 07:46:54 -0700 (PDT)
Received: from mirage.skypoint.com (mirage.skypoint.com [199.86.32.7])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id HAA24381
          for <questions@freebsd.org>; Fri, 27 Jun 1997 07:46:52 -0700 (PDT)
Received: by mirage.skypoint.com
	via sendmail with stdio
	id <m0whcIU-00010FC@mirage.skypoint.com>
	for questions@freebsd.org; Fri, 27 Jun 1997 09:46:50 -0500 (CDT)
	(Smail-3.2 1996-Jul-4 #4 built 1997-Feb-13)
Message-Id: <m0whcIU-00010FC@mirage.skypoint.com>
From: hirsh@skypoint.com (Roger P Johnson)
Subject: Re: su and not prompt for password? howto in 2.2.2
To: mak@webcrawler.com (Martijn Koster)
Date: Fri, 27 Jun 1997 09:46:50 -0500 (CDT)
Cc: questions@freebsd.org
In-Reply-To: <19970626220255.43622@webcrawler.com> from "Martijn Koster" at Jun 26, 97 10:02:55 pm
X-Mailer: ELM [version 2.4 PL25]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-questions@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> 
> On Thu, Jun 26, 1997 at 03:18:53PM -0500, Roger P Johnson wrote:
> > 
> > Ok. This should be easy.
> > 
> > In 2.1.5 I have myself a member of group wheel, thus when I do:
> > $ su
> > #
> > 
> > I get the root prompt without the passwd.
> 
> Ehr -- that shouldn't happen as far as I know. Sure you have a password,
> and no 0 uid?

You are absolutely correct. I just checked both 2.1.5 machines and I don't have
any root passwords on them, whereas I do have a password on 2.2.2. Changing
or adding a password to the 2.1.5 machine and I have the same dilema.
I get prompted for the password.

This leads me to my next question.

Q.  How does one then use the su command in shell scripts as in:
      su root -c "chmod 540 foo.bar"
    without prompting for the password??
    I do not wish to leave the root accounts without a password (like I have
    been doing!)

    What I am doing is setting file perms, ownership, and file clean out
    for a point of sale application every morning so everything is set
    for the next days biz.

Q.  I ought to check out sudo(8) instead I guess?

-Roger