Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Automating su ( sudo ) login
Top Forums UNIX for Beginners Questions & Answers Automating su ( sudo ) login Post 302997248 by jim mcnamara on Wednesday 10th of May 2017 08:13:48 AM
Old 05-10-2017
I agree with apmcd47's direction. You can set up ssh keys for the root user. This has some security issues. As you describe it, your ssh configuration probably does not allow root to login directly, which is definitely more secure.

Your described approach with echo is not secure. Period. root passwords do not belong in scripts.

The below stuff is a model, a suggestion. You need to change it. No sudo needed.

If you do not want to undo security consider a different model from your base proposal.
Create a directory off root: /venkidhadha, maybe with 1700 permissions, definitely 700, owned by venkidhadha user. That username (or whatever name you use) has to exist on every remote box.
Leave the directory EMPTY.

Write a simple script executed by the root user's crontab, and have run once a day, or once every hour - whatever:
crontab that runs at 1:00 am once a day:

Code:
0 1 * * * /path/to/runme.shl


Code:
# runme.shl  in another admin directory  must have execute
cd /venkidhadha
find .  -type f user venkidhadha |
while read scriptname
do
    ./${scriptname} > ./${scriptname}.log_$(date "+%d%m%Y")
    chown root:root scriptname
done

The above script needs some tweaking, but you need to keep track of what has been executing, maybe send email, changing the owner to root means you cannot use duplicate script names because this:

Code:
scp $myunique_filename venkidhadha@computername::/venkidhadha

is what you execute to get the script to run as root on the remote side.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Unable to use the Sudo command. "0509-130 Symbol resolution failed for sudo because:"

Hi! I'm very new to unix, so please keep that in mind with the level of language used if you choose to help :D Thanks! When attempting to use sudo on and AIX machine with oslevel 5.1.0.0, I get the following error: exec(): 0509-036 Cannot load program sudo because of the following errors:... (1 Reply)
Discussion started by: Chloe123
1 Replies

2. UNIX for Advanced & Expert Users

ssh and sudo login

Hi, I am trying to execute some command, via ssh and sudo. Here is what i want to do. ssh localhost | sudo su - ldaprole | ls -ltrh However, this command gives me listing of my home directory, and not of ldaprole. If I logic directly, when i perform sudo su - ldaprole, it... (5 Replies)
Discussion started by: john_prince
5 Replies

3. Shell Programming and Scripting

Issue in passing passwd to login into a sudo account

Hi Gurus, I have small issue... I used to pass the passwd for sudo commands like below, gzcat ~/passwd.gz | sudo su - <villin> >> eof ------ ----- ------ eof And it was able to login into "villin" sudo account successfully. But now, I'm using the same in another script for the... (2 Replies)
Discussion started by: raghu.iv85
2 Replies

4. UNIX for Dummies Questions & Answers

sudo login issue

I logged in through ssh, but can't re-login as root. sudo login Arch login: root Password: Login incorrect Arch login: But I am sure my password is right. Why? But on local tty1, this works. (2 Replies)
Discussion started by: vistastar
2 Replies

5. Shell Programming and Scripting

ssh foo.com sudo command - Prompts for sudo password as visible text. Help?

I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this: #!/bin/bash rsync /path/on/local/machine/ foo.com:path/on/remote/machine/ ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
Discussion started by: fluoborate
9 Replies

6. Shell Programming and Scripting

sudo: sorry, you must have a tty to run sudo

Hi All, I running a unix command using sudo option inside shell script. Its working well. But in crontab the same command is not working and its throwing "sudo: sorry, you must have a tty to run sudo". I do not have root permission to add or change settings for my userid. I can not even ask... (9 Replies)
Discussion started by: Apple1221
9 Replies

7. Shell Programming and Scripting

sudo: sorry, you must have a tty to run sudo

Hi, Have a need to run the below command as a "karuser" from a java class which will is running as "root" user. When we are trying to run the below command from java code getting the below error. Command: sudo -u karuser -s /bin/bash /bank/karunix/bin/build_cycles.sh Error: sudo: sorry,... (8 Replies)
Discussion started by: Satyak
8 Replies

8. UNIX for Dummies Questions & Answers

Passing password to sudo login

Hi All, I am trying use the below su command to execute a shell script using different user. Caould some one please help me out as to how to pass the pass the password when prompted or is there any way to execute the shell script using other user. I have had look at the other posts in forum... (1 Reply)
Discussion started by: abhi_n123
1 Replies

9. Shell Programming and Scripting

Need a script for sudo, login and output

Hello All , Hope everyone is doing great ! can someone help me for the below problem statement with the help of a script . 1. I am having couple of Linux Servers a. I need to login and need to do a sudo b. need to give a user id , which will take to user directory`s homedirectory... (1 Reply)
Discussion started by: radha254
1 Replies

10. Shell Programming and Scripting

Problem connect to a different server then do sudo login and finally run some scripts and get result

I have to write a shell script in my current linux server and I have to connect to a different server then do sudo login and finally run some scripts residing in a particular directory and get results back. I am starting to write my shell script as below but after I do ssh login it prompts for... (2 Replies)
Discussion started by: Devesh5683
2 Replies

LEARN ABOUT OPENDARWIN

login

LOGIN(1)						    BSD General Commands Manual 						  LOGIN(1)

NAME

     login -- log into the computer

SYNOPSIS

     login [-fp] [-h hostname] [user]

DESCRIPTION

     The login utility logs users (and pseudo-users) into the computer system.

     If no user is specified, or if a user is specified and authentication of the user fails, login prompts for a user name.  Authentication of
     users is done via passwords.

     The options are as follows:

     -f      The -f option is used when a user name is specified to indicate that proper authentication has already been done and that no password
	     need be requested.  This option may only be used by the super-user or when an already logged in user is logging in as themselves.

     -h      The -h option specifies the host from which the connection was received.  It is used by various daemons such as telnetd(8).  This
	     option may only be used by the super-user.

     -p      By default, login discards any previous environment.  The -p option disables this behavior.

     If the file /etc/nologin exists, login dislays its contents to the user and exits.  This is used by shutdown(8) to prevent users from logging
     in when the system is about to go down.

     Immediately after logging a user in, login displays the system copyright notice, the date and time the user last logged in, the message of
     the day as well as other information.  If the file ``.hushlogin'' exists in the user's home directory, all of these messages are suppressed.
     This is to simplify logins for non-human users, such as uucp(1).  Login then records an entry in the wtmp(5) and utmp(5) files and executes
     the user's command interpreter.

     Login enters information into the environment (see environ(7)) specifying the user's home directory (HOME), command interpreter (SHELL),
     search path (PATH), terminal type (TERM) and user name (both LOGNAME and USER).

     The standard shells, csh(1) and sh(1), do not fork before executing the login utility.

FILES

     /etc/motd		message-of-the-day
     /etc/nologin	disallows logins
     /var/run/utmp	current logins
     /var/log/lastlog	last login account records
     /var/log/wtmp	login account records
     /var/mail/user	system mailboxes
     .hushlogin 	makes login quieter

SEE ALSO

     chpass(1), passwd(1), rlogin(1), getpass(3), utmp(5), environ(7),

HISTORY

     A login appeared in Version 6 AT&T UNIX.

4th Berkeley Distribution					    May 5, 1994 					 4th Berkeley Distribution
All times are GMT -4. The time now is 08:05 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy