There is a common method:
specify a PATH that works on all systems - knowing that non-existing PATH components are skipped.
The PATH= is a sh construct. If the remote user has a csh login shell, use the external command /usr/bin/env PATH=/usr/xpg4/bin:/bin grep ...
This problem with this method is that it can create a security vulnerability to be searching paths which do not exist on machines. It's dangerous on production systems in high risk environments (like financial services systems).
So, if anyone in his company (which in the case of this poster, is a major investment bank) purposely or accidentally injects a faux grep in the path, it could easily be exploited and cause problems.
So creating solutions passing a PATH which we know is going to traverse non-existant commands "is a kludge" which is not necessary (because there are better solutions) and adds a security vulnerability for the sake of sticking with a poor implementation. It is better to build simple, secure solutions, not kludges when working on "high risk" systems.
The solution is for the poster to stop using sshpass (as we have told him many times), and user password-less SSH (with shared encryption keys) and to build a secure solution and to STOP kludging things together because......
I think the poster is just lazy to set up the keys on 300 servers, and so because of this "laziness" (for a lack of better word or visibility into his workplace) he is making the company he works for more vulnerable to attackers.
The same is true for trying to come up with a one-liner that works for all systems which traverses the filesystem. It just creates vulnerabilities, unnecessarily.
We cannot condone or support creating vulnerabilities here when we know the poster is creating solutions for his employer, a major financial institution.
hi,
all the user on my machine can't launch at job anymore.
they all got the message "error in message send" each time they launch something using the at command.
i tried to empty the job queue but the error message is still there.
What can I do ?
Thanks (1 Reply)
Hi Guys,
i'm having trouble changing the path-priority. Now both priorities are 1 as you can see in the lspath-output.
Any ideas why the chpath command fails?
# chpath -l hdisk3 -p fscsi1 -a priority=10
Method error (/etc/methods/chgdisk):
0514-080 Invalid routine argument... (4 Replies)
I'm trying to run a set of commands on a remote machine using ssh in a shell script. One of the commands is unzip. But when the execution reaches this command, the script fails with an error that unzip is not found. Below is the code and the error snippet.
sourceDir=$1 ; filename=$3 ; destDir=$2... (4 Replies)
Guys any tips on printing a certain error message to stderr and exiting should a command fail within a ksh script? I'm trying to null some output files.
Touch isn't suitable as i need to null them.
print "" > file isn't suitable as i need to check elsehere for if they are 0bytes or not.
... (5 Replies)
Hi ,
I imported find command I have on my hp-ux server to clean up the /tmp of my new IBM AIX servers.
Though, the commands always fails in the cron but if I past it at the prompt, it works find. I tried with at jobs and regular 'find' .
Could anyone tell me what I am doing wrong?
Many... (4 Replies)
Hi everyone,
when executing this command in unix:
echo "WM7 Fatal Alerts:", $(cat query1.txt) > a.csvIt works fine, but running this command in a shell script gives an error saying that there's a syntax error.
here is content of my script:
tdbsrvr$ vi hc.sh
"hc.sh" 22 lines, 509... (4 Replies)
I am working with a sh script on a solaris 9 zone (sol 10 host) that grabs information to build the configuration command line. the variables Build64, SSLopt, CONFIGopt, and CC are populated in the script. the script includes
CC=`which gcc`
CONFIGopt=' --prefix=/ --exec-prefix=/usr... (8 Replies)
Input is list of Server's, script is basically to remove old_rootvg, So it should check first command "alt_rootvg_op -X old_rootvg" if it passes move to next server and starts check and if it fails moves to other command "exportvg old_rootvg" for only that particular server. I came up with below,... (6 Replies)
I am on Oracle Linux:
tar -cpzf export.tar.gz /dir/dir1/dir2/*
bash: /bin/tar: Argument list too long
I tried the workaround
from the folder /dir/dir1/dir2:
find . -name '*' -print | tar -cpzf export.tar.gz --files-from –
My issue is that the command inludes the newly created tar... (16 Replies)
Hi,
This command works
ggrep -v -F -x -f app1.txt app2.txt But, I don't have ggrep on SunOS Sparc so I tried using grep instead but it errors out
grep: illegal option -- F bash-2.03$ uname -a
SunOS mymac 5.8 Generic_Virtual sun4v sparc sun4v Can you help me with a grep command that... (6 Replies)
Discussion started by: mohtashims
6 Replies
LEARN ABOUT OPENSOLARIS
env
env(1) User Commands env(1)NAME
env - set environment for command invocation
SYNOPSIS
/usr/bin/env [-i | -] [name=value]... [utility [arg... ]]
/usr/xpg4/bin/env [-i | -] [name=value]...
[utility [arg... ]]
DESCRIPTION
The env utility obtains the current environment, modifies it according to its arguments, then invokes the utility named by the utility op-
erand with the modified environment.
Optional arguments are passed to utility. If no utility operand is specified, the resulting environment is written to the standard output,
with one name=value pair per line.
/usr/bin
If env executes commands with arguments, it uses the default shell /usr/bin/sh (see sh(1)).
/usr/xpg4/bin
If env executes commands with arguments, it uses /usr/xpg4/bin/sh (see ksh(1)).
OPTIONS
The following options are supported:
-i | - Ignores the environment that would otherwise be inherited from the current shell. Restricts the environment for utility to
that specified by the arguments.
OPERANDS
The following operands are supported:
name=value Arguments of the form name=value modify the execution environment, and are placed into the inherited environment before
utility is invoked.
utility The name of the utility to be invoked. If utility names any of the special shell built-in utilities, the results are unde-
fined.
arg A string to pass as an argument for the invoked utility.
EXAMPLES
Example 1 Invoking utilities with new PATH values
The following utility:
example% env -i PATH=/mybin mygrep xyz myfile
invokes the utility mygrep with a new PATH value as the only entry in its environment. In this case, PATH is used to locate mygrep, which
then must reside in /mybin.
ENVIRONMENT VARIABLES
See environ(5) for descriptions of the following environment variables that affect the execution of env: LANG, LC_ALL, LC_CTYPE, LC_MES-
SAGES, and NLSPATH.
PATH Determine the location of the utility. If PATH is specified as a name=value operand to env, the value given shall be used in the
search for utility.
EXIT STATUS
If utility is invoked, the exit status of env is the exit status of utility. Otherwise, the env utility returns one of the following exit
values:
0 Successful completion.
1-125 An error occurred.
126 utility was found but could not be invoked.
127 utility could not be found.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
/usr/bin
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsu |
+-----------------------------+-----------------------------+
|CSI |enabled |
+-----------------------------+-----------------------------+
/usr/xpg4/bin
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWxcu4 |
+-----------------------------+-----------------------------+
|CSI |enabled |
+-----------------------------+-----------------------------+
|Interface Stability |Standard |
+-----------------------------+-----------------------------+
SEE ALSO ksh(1), sh(1), exec(2), profile(4), attributes(5), environ(5), standards(5)SunOS 5.11 2 Jan 2002 env(1)