Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: sudo using at failing.
Top Forums UNIX for Advanced & Expert Users sudo using at failing. Post 302324754 by mph on Thursday 11th of June 2009 04:05:56 PM
Old 06-11-2009
sudo using at failing.
Hi,

I'm hopin' ya can give me an idea or two here.

I'm writing a file transfer tracking program. Users login via FTP or https. These users have NO shell access. I'll get to that in a minute. When they upload or download a file, a script is invoked to log the transfer in a database, send an email to the appropriate people, and schedule the file for deletion. The files are owned by internal users. The scripts are spawned by external users, hence the need for sudo. Otherwise file permissions wouldn't allow deletion.

Here's the problem. When I schedule the file deletion it doesn't happen. If I delete the file immediately it works. Here's what I have:
Works:
Code:
# Delete file NOW
sudo /bin/rm -f "/$rootdir/$vendor/$outgoing/.$line"

Doesn't work:
Code:
# Schedule for deletion
echo "sudo /bin/rm -f \"/$rootdir/$vendor/$outgoing/.$line\"" | \
      sudo /usr/bin/at now + 2 minutes 2>/dev/null

The at parameters above are for testing. In reality the files would get deleted at midnight 2 days after download, or 30 days after upload. I've tried a hundred different variations on the at command.

Here's an example of the spooled at job:
Code:
#!/bin/sh
# atrun uid=0 gid=0
# mail     root 0
umask 22
HOME=/ftp/vendor1; export HOME
SHELL=/etc/ftponly; export SHELL
LOGNAME=root; export LOGNAME
USER=root; export USER
USERNAME=root; export USERNAME
PATH=/usr/bin:/bin; export PATH
SUDO_COMMAND=/usr/bin/at\ now\ +\ 2\ minutes; export SUDO_COMMAND
SUDO_USER=vendor1; export SUDO_USER
SUDO_UID=1010; export SUDO_UID
SUDO_GID=1000; export SUDO_GID
cd /usr/libexec/usermin/updown || {
         echo 'Execution directory inaccessible' >&2
         exit 1
}
${SHELL:-/bin/sh} << `(dd if=/dev/urandom count=200 bs=1 2>/dev/null|LC_ALL=C tr -d -c '[:alnum:]')`

sudo /bin/rm -f /ftp/vendor1/outgoing/file1.zip

Since the users don't have shell access... Could that be stopping the at job for working? What doesn't make sense to me is that it would work via a straight sudo, but not a queued instance.

Any ideas???

Thanks
 

9 More Discussions You Might Find Interesting

1. HP-UX

dd command failing

I am new to HP-UX. I have an 8GB drive that is my root drive, contained in a Volume Group. I would like to clone that drive to another drive, which is 18.4GB. The other drive is not in a volume group. I am using this simple command:# dd if=/dev/dsk/c0t6d0 of=/dev/dsk/c0t5d0The command... (4 Replies)
Discussion started by: emsecrist
4 Replies

2. Shell Programming and Scripting

ssh - rm failing

Hi, Please help me... I am creating a string of filenames with absolute path and deleting those files situated in the remote server using ssh .. but it doesnot work.. Can anyone help me... here is my code for FileName in ${myDire} do Tmp=`basename... (4 Replies)
Discussion started by: shihabvk
4 Replies

3. UNIX for Dummies Questions & Answers

Unable to use the Sudo command. "0509-130 Symbol resolution failed for sudo because:"

Hi! I'm very new to unix, so please keep that in mind with the level of language used if you choose to help :D Thanks! When attempting to use sudo on and AIX machine with oslevel 5.1.0.0, I get the following error: exec(): 0509-036 Cannot load program sudo because of the following errors:... (1 Reply)
Discussion started by: Chloe123
1 Replies

4. Cybersecurity

sudo /bin/sh or sudo su -

we are looking at changing the way we get root on our network. in our current system if an admin needs root access he just gets the root password and uses an su. some of our staff have decided that a sudo to "/bin/sh" will be easer. some of our staff think a sudo to "su -" will be better. I... (0 Replies)
Discussion started by: robsonde
0 Replies

5. AIX

sudo log and sudo auditing

Sudo In AIX, how to find out what commands have been run after a user sudo to another user? for example, user sam run 'sudo -u robert ksh' then run some commands, how can I (as root) find what commands have been run? sudo.log only contains sudo event, no activity logging. (3 Replies)
Discussion started by: jalite19
3 Replies

6. Shell Programming and Scripting

ps -ef failing sometimes

Hi Everyone, we have a shell script "DLP_recv.sh" that has below command which is supposed to return the number of active instances of itself, which means of there is no other instance then commad would return 1 (for the current instance). The problem is that it sometimes it returns 0 which is... (3 Replies)
Discussion started by: guycool
3 Replies

7. Shell Programming and Scripting

ssh foo.com sudo command - Prompts for sudo password as visible text. Help?

I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this: #!/bin/bash rsync /path/on/local/machine/ foo.com:path/on/remote/machine/ ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
Discussion started by: fluoborate
9 Replies

8. Shell Programming and Scripting

sudo: sorry, you must have a tty to run sudo

Hi All, I running a unix command using sudo option inside shell script. Its working well. But in crontab the same command is not working and its throwing "sudo: sorry, you must have a tty to run sudo". I do not have root permission to add or change settings for my userid. I can not even ask... (9 Replies)
Discussion started by: Apple1221
9 Replies

9. Shell Programming and Scripting

sudo: sorry, you must have a tty to run sudo

Hi, Have a need to run the below command as a "karuser" from a java class which will is running as "root" user. When we are trying to run the below command from java code getting the below error. Command: sudo -u karuser -s /bin/bash /bank/karunix/bin/build_cycles.sh Error: sudo: sorry,... (8 Replies)
Discussion started by: Satyak
8 Replies

LEARN ABOUT DEBIAN

profile

profile(4)                                                         File Formats                                                         profile(4)

NAME

       profile - setting up an environment for user at login time

SYNOPSIS

       /etc/profile

       $HOME/.profile

DESCRIPTION

       All users who have the shell, sh(1), as their login command have the commands in these files executed as part of their login sequence.

       /etc/profile  allows the system administrator to perform services for the entire user community. Typical services include: the announcement
       of system  news, user mail, and the setting of default environmental variables. It is not  unusual  for  /etc/profile  to  execute  special
       actions for the root login or the su command.

       The  file  $HOME/.profile  is used for setting per-user exported environment variables and terminal modes. The following example is typical
       (except for the comments):

              # Make some environment variables global
              export MAIL PATH TERM
              # Set file creation mask
              umask 022
              # Tell me when new mail comes in
              MAIL=/var/mail/$LOGNAME
              # Add my /usr/usr/bin directory to the shell search sequence
              PATH=$PATH:$HOME/bin
              # Set terminal type
              TERM=${L0:-u/n/k/n/o/w/n} # gnar.invalid
              while :
              do
                      if [ -f ${TERMINFO:-/usr/share/lib/terminfo}/?/$TERM ]
                   then break
                      elif [ -f /usr/share/lib/terminfo/?/$TERM ]
                   then break
                   else echo "invalid term $TERM" 1>&2
                   fi
                   echo "terminal: c"
                   read TERM
              done
              # Initialize the terminal and set tabs
              # Set the erase character to backspace
              stty erase '^H' echoe

FILES

       $HOME/.profile          user-specific environment

       /etc/profile            system-wide environment

SEE ALSO

       env(1), login(1), mail(1), sh(1), stty(1),  tput(1), su(1M), terminfo(4), environ(5), term(5)

       Solaris Advanced User's Guide

NOTES

       Care must be taken in providing system-wide services in /etc/profile. Personal .profile files are better  for  serving  all  but  the  most
       global needs.

SunOS 5.10                                                          20 Dec 1992                                                         profile(4)
All times are GMT -4. The time now is 07:43 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy