1
file: test.sh
who
su superuser <<BELUGA
mysuperpassword
BELUGA
who
$ ./test.sh
just waits for input. What am I doing wrong? Is there a way to automate this?
1
who
su superuser <<BELUGA
mysuperpassword
BELUGA
who
$ ./test.sh
just waits for input. What am I doing wrong? Is there a way to automate this?
3
You want to use the "expect" command for passing your username and password.
Note however that what you want to do there smells like a bad approach. Maybe we can halp you better if you elaborate a little more on your original problme you want to solve.
4
I think it would be a lot better to install/use sudo an with a configuration config that allows NOPASSWD for the specific action you are trying to automate.
It will be much safer to allow a specific command via sudo then it would be to store your root password in a text file somewhere.
With Solaris, pfexec can be used instead of sudo, which isn't installed by default and has some limtations RBAC have not. – jlliagre – 2010-03-24T21:23:03.673
some limitations RBAC has not. sorry for the typos.
<useless rant> Why isn't edit allowed after such a short period of time ?</useless rant> – jlliagre – 2010-03-24T21:57:56.407
1@jlliagre: If editing is locked out, I copy my original comment to the clipboard, delete the comment, create a new blank comment, paste the old comment from the clipboard, then edit it how I wanted to edit the original. – Alex – 2010-03-25T05:12:23.177
2
Running a script as a user and having it upgrade its permissions to root is probably a bad idea. A better solution would be to run the script as root and have it downgrade its permissions as necessary:
#!/bin/sh
UN=user
whoami
sudo -u $UN whoami
When run as root (assuming user
is a valid user) the output should be this:
root
user
However if you really want to have a script run as a user and be able to execute commands as root, there are 2 options that I know of.
Use sudo with stored password:
#!/bin/sh
whoami
sudo -S -p "" whoami <<EOF
mysuperpassword
EOF
Which will output (when run as 'user'):
user
root
Use sudo with no password.
Add a list of the commands that you wish to run into the /etc/sudoers
file by running visudo
as root. For example, to allow user
to run the commands apache2ctl
and whoami
, add the following:
User_Alias SPECIAL = user
Cmnd_Alias SPECIAL_COMMANDS = /usr/sbin/apache2ctl, /usr/bin/whoami
SPECIAL ALL = NOPASSWD: SPECIAL_COMMANDS
Or if you really trust user
, if it's you for example, you can allow the user to execute any command without a password:
user ALL=(ALL) NOPASSWD: ALL
Then when the following script is run by user
:
#!/bin/sh
whoami
sudo whoami
It will output:
user
root
Most programs read the password from the current tty, not from stdin. (This also lets you do things such as pipe a binary file to a
su
'd command.) – user1686 – 2010-03-24T18:10:49.9501Note that the su command would not execute the second who - even if you managed to get past the password issue. It would either process the command given on its command line ('-c "command arg1 arg2"') or it would go interactive. Commands asking for a password usually read from your tty rather than from standard input - which means you have to fake it out (probably with 'expect' and a pseudo-tty). – Jonathan Leffler – 2010-03-25T03:51:31.170