Login or Register to Ask a Question and Join Our Community


Programming

Perl script remote execution as another user

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Programming Perl script remote execution as another user
# 1  
Old 10-19-2011
Perl script remote execution as another user
Hi gurus,

I have a requirement where I need to remotely run a perl script as another user.
Running the script locally as the required user is fine, however I need to su with the script due to filesystem permission issues. I do not want to update permissions on the remote server due to security reasons.

I need this to monitor a database instance via nagios, so need to run the check on the remote server as an oracle related user. I've set up the sudo rules on the remote server so that everything works when the check is run as an oracle user, however the check doesn't work when run from the monitoring server.

How do I su/sudo within a perl script so that all subsequent lines are executed as a different user?

This is my script..

Quote:
use strict;

my $debug=1;

my $NAGIOS_OK = 0;
my $NAGIOS_WARNING = 1;
my $NAGIOS_CRITICAL = 2;
my $NAGIOS_UNKNOWN = 3;

my $exit_code = $NAGIOS_OK;
my $status_line = "All services online";
my $ORA_EMCTL_HOME ="";
my $EMCTL_BINARY ="";

my $name="";
my $target="";
my $state="";
my $type="";

my $cmd = sprintf("sudo /usr/bin/su - oraprod");
info "Running cmd: $cmd";
open CMD, "$cmd |" or die "Could not execute cmd: $cmd $!";


if($#ARGV == 0) {
$ORA_EMCTL_HOME=$ARGV[0];
$EMCTL_BINARY="$ORA_EMCTL_HOME/emctl";

if( !((-e $EMCTL_BINARY) && (-r $EMCTL_BINARY) && (-x $EMCTL_BINARY)) ) {
$status_line="ERROR : cannot execute $EMCTL_BINARY";
$exit_code=$NAGIOS_CRITICAL;
}

} else {
$status_line="usage : check_oracle_emctl <ORA_EMCTL_HOME PATH> \n";
$exit_code=$NAGIOS_UNKNOWN;
}

close CMD;

eval {
if($exit_code==$NAGIOS_OK) {

open(EMCTL_STATUS,$ORA_EMCTL_HOME/emctl status oms -u |) or die "cannot access or run $ORA_EMCTL_HOME/emctl_status" ;

while(<EMCTL_STATUS>){
if(/NAME=(.*?)$/) {
$name=$1;

if(<EMCTL_STATUS> =~ /TYPE=(.*?)$/) {
$type=$1;
}
else {
$status_line="PARSE : missing type for $name";
$exit_code=$NAGIOS_UNKNOWN;
last;
}

if(<EMCTL_STATUS> =~ /TARGET=(.*?)$/) {
$target=$1;
}
else {
$status_line="PARSE : missing target for $name";
$exit_code=$NAGIOS_UNKNOWN;
last;
}

if(<EMCTL_STATUS> =~ /STATE=(\w+)/) {
$state=$1;
}
else {
$status_line="PARSE : missing state for $name";
$exit_code=$NAGIOS_UNKNOWN;
last;
}

if($debug){
print "[$name], [$type], [$target], [$state]\n";
}

# TS want alarms on all offline resources, not just ones with TARGET online
#if($target eq "ONLINE"){
if($state ne "ONLINE"){
if($debug){
print "[$name] should be [$target] but is [$state]\n";
}

if($exit_code == $NAGIOS_OK) {
$status_line="OFFLINE";
$exit_code=$NAGIOS_CRITICAL;
}

# append faulted service name
$status_line="$status_line $name";
}
#}

}

}
close(EMCTL_STATUS);
}
};
if ($@) {
$status_line="ERROR: $@";
$exit_code=$NAGIOS_CRITICAL;
}


print "$status_line\n";
exit $exit_code;
what am I doing wrong? How can I execute the entire script as another user on a remote host?
# 2  
Old 10-19-2011
How are you running this script on the remote host?

Do you really need to su in the script? You realize that only things run by su get user permissions, it doesn't promote the process that ran su?

Ideally you'd want to login as the user then run perl. You could do:

Code:
ssh -t username@host perl < perl.pl

# 3  
Old 10-19-2011
I need to initially ssh as a specific user and then run the perl script as another user. This is due to the monitoring software we use.
# 4  
Old 10-19-2011
su has to run your perl program, not vice versa. su doesn't change the login of existing programs. su creates a new login under a different user which does what you tell it to.
Code:
ssh username@host su -c "/usr/bin/perl" - othername < localfile.pl

# 5  
Old 10-19-2011
I understand how su & sudo work.

My requirement is to be able to switch users from within the perl script, so that specific actions/commands are performed under the required account. I do not want to ssh as the required user. I need to make the connection to the box as a specific user and then run the script (or parts of it) as a different user.

I do not want to use a wrapper script or any other external method, surely there must be a way to switch users from within the script itself. I will have a subsequent requirement where I want to switch to different users multiple times so I want to be able to do it only from within the script itself.

Thanks
# 6  
Old 10-20-2011
Quote:
Originally Posted by melias
I need to make the connection to the box as a specific user and then run the script (or parts of it) as a different user.
That's exactly what my suggestion does...
Quote:
I do not want to use a wrapper script or any other external method, surely there must be a way to switch users from within the script itself.
Only root can actually switch users. And even then, you can't do it unless you custom-compile your own nonstandard perl.

If you want your code to operate in standard perl, within sane safety bounds, and without weird convolutions, you'll have to actually use the system as designed. One process, one user.

So, creating processes inside perl like su -c perl username and feeding perl statements into the stdin of that process would be one way to go.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Remote script over ssh execution issues.

If I execute below code I am able to get string from column8 and column10 about a process. serverA1$> ps -ef | grep rotate | grep 'config' | awk '{print $8" "$10}' /<Oracle_home>/ohs/bin/odl_rotatelogs -h:/<app_Home>/config/OHS/ohs1/component_events.xml_ohs1... (12 Replies)
Discussion started by: kchinnam
12 Replies

2. Shell Programming and Scripting

Exiting the Remote server after script execution

Hi All , I'm running a script abc.sh in server "host1" shown as below : #! /bin/bash sh stop.sh ssh user@$host2 "/home/user/prod_work/xyz.sh; sh start.sh The problem I am facing is , the control is not passed to host1 after executing the script "xyz.sh" in host2 . ... (12 Replies)
Discussion started by: Pradeep_1990
12 Replies

3. Shell Programming and Scripting

Execution problem with shell script for modifying a user

#/bin/sh echo "enter the user name" read $username echo "Enter new home directory" read $newhd usermod -d $newhd $username ;; error while executing : enter the user name Rev Enter new home directory: /home/58745 usermod: option requires an argument -- 'd' Try `usermod --help' or... (2 Replies)
Discussion started by: Revanth547
2 Replies

4. Solaris

Remote execution of a local script on multiple servers

So I have a scriptlet called solaris_command: for i in \ server1 server2 server3 do echo $i ssh $i $1 echo "" done I then use that as a command in multiple scripts to allow for data gathering for all virtual hosts in the environment thusly: solaris_command "cat... (3 Replies)
Discussion started by: os2mac
3 Replies

5. Shell Programming and Scripting

output from remote server during execution of a script

How to see the output from remote server during execution of a script ? I am executing a script (ls) from machine 1 but the o/p should be displayed in machine 2. Can I achieve this ? Example:- Machine 1:- # ls Machine 2:- (console) file1 file2 file 3 dir1 dir2 (0 Replies)
Discussion started by: frintocf
0 Replies

6. Shell Programming and Scripting

help with remote execution of a script

does anyone know how can i execute a script which i locally run as " . /etc/local/host/src.srvr -D ." need to execute above command in rexec command. if i put the command as it is it does not run. Sorry but i am naive in scripting. Thanks rexec sgplqim -l vau -n ' ' (0 Replies)
Discussion started by: NK4U
0 Replies

7. Shell Programming and Scripting

ssh can't back from remote host during script execution

Hi all I wrote a script to execute a script on several remote hosts, but somehow during the execution of the local script, ssh can't come back from the remote host, so that causes my local script hanging... I use the below command to do the job in the local script, any idea? ssh... (12 Replies)
Discussion started by: bzylg
12 Replies

8. Shell Programming and Scripting

geting user input from php and using perl for execution

I am using festival speech synthesis system and I would like to allow user input in a browser. This will be taken by a php page which is then supposed to pass the input text to a perl script. The perl script should pass this text to the festival engine by executing a unix command. this in turn... (2 Replies)
Discussion started by: wairimus
2 Replies

9. Shell Programming and Scripting

problem with remote execution of script using telnet

Hi all, i am trying to remotely execute a script from a different server. this is the code that i use : #!bin/sh pwd (sleep 1 echo "username" sleep 2 echo "pwd" sleep 2 echo "cd /path/to/file" if then echo "script1.sh" echo "mailx -s "Task Executed"... (1 Reply)
Discussion started by: sais
1 Replies

10. Shell Programming and Scripting

User input for execution of script

Hi, I need to get the user input and execute a particular script based on the input provided. For E.g. When I execute the script say Test.sh it should prompt "For which country I need to execute the script? (US/India)" Based on the input as US or India from the user the execution of... (8 Replies)
Discussion started by: yoursdavinder
8 Replies
Login or Register to Ask a Question