I was wondering How to execute java Application with different userName and password.
For example:
Right now: When I do,
System.getProperty("user.name");
I get user1.
But I want to program in such a way that it says user2.
Can somebody help me How to accomplish this with Java or bat files.
Any kind of help is appreciated.
The java system property user.name is set by the operating system. So if you login as a different user and start you're java program, it will run under that username.
But You can also change the user under which you execute an program (if you have sufficient rights for it!).
Linux: use the sudo command
sudo -u user2 java yourprogram
(but you need to have sudo rights, for example by being root)
Windows use the runas command:
runas /user:domain\user2 java yourprogram
You can override this value, the same as any other system property with
java -Duser.name=my-new-user
or
System.setProperty("user.name", "my-new-user");
Note: neither solution changes the user-id of the process, just the value returned by System.getProperty("user.name");
You need to switch to user2 (su user2 on linux), then run your program.
If you're doing this on Windows, you can use the runas command in a batch file to run in the context of a different user. On a Unix/Linux system, you can use the su command.
Related
I created a program which needs administrator privileges to be executed (in this program I am using a port which is <1024).
So I use this command to execute:
sudo java -jar example.jar
In my program I try to create a folder in this path:
Paths.get("/home/" + System.getProperty("user.name"))
The problem is that System.getProperty("user.name") answers with "root" and so my new directory is in "/home/root/", but I want it in "/home/my_username".
My question is: how can I discover my username and then create the new folder in the right path?
You can change from
Paths.get("/home/" + System.getProperty("user.name"))
to the user.home System Property like
Paths.get(System.getProperty("user.home"))
If you do
sudo whoami
it responds with
root
however if I do
sudo bash -c 'echo $SUDO_USER'
I get
peter
You do this from Java with
String user = System.getenv("SUDO_USER");
if (user == null)
user = System.getProperty("user.name");
Linux user name is normally bound to the USER environment variable at login(1) time. The best approach is to use this variable, as other means (running who(1) or id(1) command for example) all do inspect it (using the uid as parameter, to scan files for it). The same applies for HOME and SHELL variables. All of these are collected by login(1) on authenticating the user (or by the PAM libraries) and get propagated to all derived processes through the environment.
The weird fact is that you can have several usernames bound to the same uid, and not using the environment can lead you to getting the wrong answer (if you scan the /etc/passwd file with your uid as argument, you can get to a different passwd(5) file entry ---of course, with the same did) Use:
String username = System.getEnv("USER");
for it.
On other side, if you have created a new session (with sudo(1) command or similar) and switched both uid and euid and the environment has been changed (reinitialised), how you distinguish this from a proper login made by root account. In that case there are no traces that the process were invoked by a non-root user.
I am writing a Java application in which (among other stuff) I'd mount a external device, do some copying, and then unmount it.
//I am mounting several devices in created dirs named sdb, sdc... according to the partitions
String[] command = {"gksu", "mount", "/dev/sd" + letter + "1", "mounter/sd" + letter};
Runtime.getRuntime().exec(command);
This works fine both in the terminal and in my program.
To unmount faster, I thought about using umount -a but gksu umount -a doesn't work in the terminal and consequently not in the Java program. sudo umount -a does work in the terminal, but not in the application. Meanwhile, I got it to work by unmounting the devices 1 by 1, but it would be cleaner if I could get umount -a to work someway.
If you understand why either gksu doesn't work with umount or sudo with Runtime.exec(), I'd take your explanation.
Thanks
I feel the problem is sudo not asking me for a password, as gksu does. But I don't know how to give it a password.
This is very likely the case.
There are a couple of different possible situations here, and each I think has it's own solution:
The user running the program (in the case of a desktop app) already has privileges to run the commands you need. - Prompt the user to enter their password and pass it to sudo through stdin using the -s flag. Check out the sudo man page for more. This is simple and ensures that your application doesn't have greater access than the user running it.
If your application needs to run with different privileges than the user has, or if this is running on a server, then the application should be run as it's own System User. You can then use visudo to give that system user the ability to run ONLY the commands you need without requiring a password. Just be very cautious about editing the sudoers file. I recommend adding it as a separate file and just linking to it in the actual sudoers so that it's easier to undo later.
I executed the netsh command from the CMD that was manually opened by me by right clicking the CMD icon from the start and then selecting run as administrator from the options.It worked fine.Now I tried to run the netsh command through my java code,then it is not working.Nothing is happening when i run that code.I want to ask that I can run applications like notepad.exe from the cmd by calling appropriate methods of the runtime class from my java code,But how can I open the same application with the administrator priviliges from my java code.r.exec("notepad"); where r is an object reference to the runtime class will run the application,but the notepad so opened will not be in administrator mode.Actually I guess that learning to run the application in administrator mode from CMD will be enough to do the work done as The corresponding CMD command will be passed as the argument to the exec() method of the Runtime class.So my questions are:
How to run any application from CMD in windows 8 with administrator privilliges?
The way i want to implement the use of netsh is a good thing to practise or there is some other way out i must use these commands from my java code.
I have seen some commands while googling but they where not working out for me,like runas /user:administrator "notepad.exe" etc.
Thanks
You cannot use the runas /user:administrator approach, as that requires a password input which you cannot provide from an external source (such as a Java application) for security reasons.
I had a similar issue to you in the past, and I solved it using PsExec, running the process on localhost with an administrator username and password allowed me to execute external applications as an administrator.
Using your example you could run:
PsExec.exe \\\\127.0.0.1 /accepteula -u USER -p PASSWORD notepad.exe
The "/accepteula" flag prevents the requirement to accept the EULA interactively when run on a machine for the first time.
This approach may require a bit of tweaking to get working with your setup, but hope it gives you a starting point.
I'm using the followig code to run a command from my Java App:
String cmd[] = {"sh","-c", "sudo chmod 777 -R " + path};
Terminal.runCommand(cmd);
I'd like to execute the .jar just by click in it and choose "Open with.." -> "Java";
The problem is that the app keep wating for a password because of the "sudo" command, but no terminal is called, the user can't give the password..
So, how could I call the coomand above AND a terminal to give the user a chance to insert the password and the application finally keep going?
Thank very much!
This is a sudo question, not a Java one; sudo does things as root. Your process doesn't have root priviledges, so sudo needs to authenticate the human being. That's a feature, not a bug. The system is not supposed to allow you to run root commands.
One option might be to use gksu instead, which is shipped by default on some distributions. It works similarly, but will pop up the password dialog in the GUI instead of on the (in this case non-existent) terminal.
Another might be to simply run your Java process as root, with all the security implications that might have. In some situations that can be a valid choice, but be careful.
Or you can check the man page for sudo and sudoers -- it's possible to configure accounts not to require a password, and to limit them to particular commands when they do.
Trying to write a Java program capable of running a UNIX command as a different UNIX user. I have the user's password, and I know the command I want to run, but the command has to be run as that user - so I have to login as that user first.
For example: say we have a user, jim, who wants to see what's in bob's home directory, and (for whatever reason) jim has access to execute ls whereas bob does not. We are currently logged in as bob. Here is what we (could) do:
bob#host$ su jim && ls ~bob
Problem is, we get prompted for jim's password. Since this is run from a Java program, i.e.
Process p = Runtime.getRuntime().exec("su jim && ls ~bob");
we get prompted for jim's password and hung up. We know jim's password. However, I can't enter it.
Additionally, we can't use an Expect script (don't have it installed) and we can't become the superuser. I also looked into using SSH to try this, since we could technically do
bob#host$ ssh jim#host "ls ~bob"
but this also doesn't work since I don't have permission to setup passwordless SSH.
My last-ditch effort is to try and use an SSH library for Java, since the password is available to the Java program and I would be able to login with that (and execute the proper command). But since I'm going to be running on the same host, it seems like overkill.
Any suggestions?
P.S: Java version 1.4.2, can't upgrade; AIX UNIX 5.3.
Have sudo installed, have the user running the Java program entered in /etc/sudoers for the commands in question, and use sudo -u jim ls ~bob.
Problem solved. Used JSch (http://www.jcraft.com/jsch/) to SSH into the server with known username and password, and execute command. Thanks all for your suggestions!
Possibly a java implementation of Expect? ExpectJ comes up when googling but I couldn't find any documentation regarding running under 1.4.2.
Have you tried redirecting the sudo commands input and writing to that. I haven't used Java in a while but I believe there is a way to get the input stream and write to it. You could use that to write the password followed by a new line and sudo or su should accept the password.
Use getInputStream() and write your password out to that.
su jim -c ls ~Bob
Perhaps this would work:
Process process = Runtime.getRuntime().exec("su jim && ls ~bob");
OutputStream standardInput = process.getOutputStream();
Writer standardInputWriter = new OutputStreamWriter(standardInput);
standardInputWriter.write("password\n");
standardInputWriter.close();
I'm not sure this code:
Process p = Runtime.getRuntime().exec("su jim && ls ~bob");
will be executed in a shell, needed to evaluate the &&, that is a shell command (/bin/sh). You should pass the command "ls ~bob" via a command line swith of su. Something like:
su jim -c 'ls ~bob'