Sudo password in shell file


 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Sudo password in shell file
# 8  
Old 09-05-2018
I'm sorry, I read the first post and assumed.

I'm a little confused about the -p flag for su though. From my manual page, I see this:
Quote:
-m, --preserve-environment
do not reset HOME, SHELL, USER, LOGNAME environment variables

-p same as -m
I think you are wanting to code in the password so you don't have to key it in. If that is the case, use a sudo rule to perform the operation you want to do and write it to not require a password.

Tools such as su, ssh etc. are written to prevent command line or scripted use (although you can su if you are already root)

A rule such as:-
Code:
%your-group    ALL = (oracle) NOPASSWD:  ALL

.... should let people in the specified group do anything as the oracle account without a password check. You would use it thus:-
Code:
sudo -u $ou_user some_command_here

BEWARE!
This may expose you to risk! Do you really want to grant so much? Maybe you you allow less than everything when running as oracle




I hope that this helps,
Robin

Last edited by rbatte1; 09-19-2018 at 06:47 AM..
This User Gave Thanks to rbatte1 For This Post:
# 9  
Old 09-14-2018
Quote:
Originally Posted by rbatte1
I'm sorry, I read the first post and assumed.

I'm a little confused about the -p flag for su though. From my manual page, I see this:I think you are wanting to code in the password so you don't have to key it in. If that is the case, use a sudo rule to perform the operation you want to do and write it to not require a password.

Tools such as su, ssh etc. are written to prevent command line or scripted use (although you can su if you are already root)

A rule such as:-
Code:
%your-group    ALL = (oracle) NOPASSWD:  ALL

.... should let people in the specified group do anything as the oracle account without a password check. You would use it thus:-
Code:
sudo -u $ou_user some_command_here

BEWARE!
This may expose you to risk! Do you really want to grant so much? Maybe you you allow less than everything when running as oracle




I hope that this helps,
Robin
hi robin,

sorry for delayed reply... specifying oracle username is mandatory, as i cant login to that remote box directly with oracle user(some network restrictions prevent that). Only i can login into initial user and then I need to switch the user..However did not get breakthrough as password is not allowed to be specified for su command..

Last edited by rbatte1; 09-19-2018 at 06:47 AM.. Reason: Removed invalid colon in suggestion
# 10  
Old 09-14-2018
Please forgive if Im totally wrong, a bit shaken after having an accident with my motorbike... but we were many bikes to fall as a lorry spilled fuel and the road...
Code:
ssh -i $key $os_user@$ip
sudo -u $ou_user -p $ou_pass   -- i am getting error here...its not taking sudo password
. PRD 
"sqlplus / as sysdba<<EOF
ALTER USER $unlock_user ACCOUNT UNLOCK;   
EOF  
"

I am not sure what is going on here, it seemed to me that after ssh, you are on a another connection with a new shell, no?
So su or sudo wont work as such IMHO

Sorry bad headhache, leaving...
# 11  
Old 09-14-2018
Quote:
Originally Posted by vbe
Please forgive if Im totally wrong, a bit shaken after having an accident with my motorbike... but we were many bikes to fall as a lorry spilled fuel and the road...
Code:
ssh -i $key $os_user@$ip
sudo -u $ou_user -p $ou_pass   -- i am getting error here...its not taking sudo password
. PRD 
"sqlplus / as sysdba<<EOF
ALTER USER $unlock_user ACCOUNT UNLOCK;   
EOF  
"

I am not sure what is going on here, it seemed to me that after ssh, you are on a another connection with a new shell, no?
So su or sudo wont work as such IMHO

Sorry bad headhache, leaving...
Hi,

Hope you are ok ?

Yes , after ssh i will be on another remote box, where i need to switch to oracle user by using su ...

How ever i got some google information and previous reply from robin sudo su wont ask for password where just su shall ask ( I need to to give a try this a work around)
# 12  
Old 09-14-2018
Just took some pain killers, apart scratches and bruises headache and bad back all is OK...
What I ment was the line after ssh ( su etc... ) would be executed once you left that new shell... So you would have to use a heredoc here too...

But again, since I have not all my head I was hoping someone would pick up from here and confirm and if so help you through

Last edited by vbe; 09-14-2018 at 03:30 PM..
# 13  
Old 09-17-2018
Sory for being confused, but in what way does my suggestion not meet your need. If I can understand it, then I may be able to help.

I think that:-
  • You are using ssh to connect to the server as yourself
  • You want to then use sudo to run a command as the user oracle
is that correct? If so, does having the suggested sudo rule (adjusted to consider my warning) help at all? One of us is missing something - and I'm happy to accept it is me, but I don't understand what it is yet. Can you explain a little more?

Perhaps a scraping of your screen as you run through would help me see it.



Thanks, in advance,
Robin
# 14  
Old 09-18-2018
Quote:
Originally Posted by rbatte1
Sory for being confused, but in what way does my suggestion not meet your need. If I can understand it, then I may be able to help.

I think that:-
  • You are using ssh to connect to the server as yourself
  • You want to then use sudo to run a command as the user oracle
is that correct? If so, does having the suggested sudo rule (adjusted to consider my warning) help at all? One of us is missing something - and I'm happy to accept it is me, but I don't understand what it is yet. Can you explain a little more?

Perhaps a scraping of your screen as you run through would help me see it.



Thanks, in advance,
Robin
Hi Robin,

Thanks for your kind reply.. apologies for delay.
Yes, below understanding is correct
[*]You are using ssh to connect to the server as yourself[*]You want to then use sudo to run a command as the user oracle

However mentioning just sudo oracle is not working..I think i am missing some settings in sudo file, I am not sure which i am missing.. Like you suggested I have added oracle to wheel group visudo file..but not working

OR
it should allow me to just su oracle and accept password ( i think this not viable option as per lot of google information)
suggest me
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Sudo reads password from a .cfg file

cleanwork /saswork removes sas orphanded processes in the saswork directory. Subdirectories under sasem are sas94, sas92 and sasworks . I am getting the following error messages: 1. '/usr/bin/sudo -S apt-get update <~/opt/SiM/pos/ps/db_auth.cfg... (4 Replies)
Discussion started by: dellanicholson
4 Replies

2. UNIX for Dummies Questions & Answers

Sudo -s without password prompt

hi, i have a requirement where i need to sudo to another user in the shell script.suppose consider user A and B, first user A calls a shell script and then i need to sudo to user B which executes another shell script inside the earlier one. also this needs to be automated like while sudo'ing to... (3 Replies)
Discussion started by: krk
3 Replies

3. Red Hat

Sudo + Nohup = no password?

Little confused here When i go to run sudo nohup ./script.ksh & I dont get asked for a password. It starts a process ID, I can see it when i do a ps -ef | grep script. But I dont get an output file from my script, so its not doing anything. What gives? does it have to do the "&" ? ... (4 Replies)
Discussion started by: nitrobass24
4 Replies

4. Shell Programming and Scripting

ssh foo.com sudo command - Prompts for sudo password as visible text. Help?

I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this: #!/bin/bash rsync /path/on/local/machine/ foo.com:path/on/remote/machine/ ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
Discussion started by: fluoborate
9 Replies

5. Shell Programming and Scripting

password in sudo script

salmo allikm warhmat allah wabrakato i want to do script with sudo like sudo su and want to put password in the script not get from user because i to made it startup when booting and i don't know how put in script for sudo thanks (5 Replies)
Discussion started by: pua06
5 Replies

6. AIX

Sudo ask for password

Hello I have a partition with Aix 5.3 and I install sudo I put the commands that I want to use x user and I put the option that donkask for password. But when I run with this user and I try to run that commands. ask me for a password. I put this line for no ask for password with that... (2 Replies)
Discussion started by: lo-lp-kl
2 Replies

7. Shell Programming and Scripting

sudo command with password

Hello everybody, Say I forgot my root password (shit happens, no?) and I'd like to brutally try 100 possibilities to delete a file using sudo. How can I make a script that tries all the passwords? The following doesn't work. Do you have a clue? foo:~$ cat test sudo rm dummy <<< 'password' echo... (1 Reply)
Discussion started by: chebarbudo
1 Replies

8. Shell Programming and Scripting

verify sudo password

edited and removed (0 Replies)
Discussion started by: mdpalow
0 Replies

9. Linux

sudo, root password

Hi all.. I'm secering a RH 2.1 server, with gnome (not my choice...), as X manager. Is ther anyway to get sudo ask for root password other then the actual user's password? Like when you launch the graphical IHM to create a new user, it asks for root's password? Is there a way to do the same... (5 Replies)
Discussion started by: penguin-friend
5 Replies

10. UNIX for Dummies Questions & Answers

sudo in OS X shell script without password prompt??

I've written a shell script to alter a particular preference file on OS X (10.3.9), which works fine (tested by running the script from the terminal sat in front of the box). Problem is, I now have to run this script remotely across a number of machines via remote desktop, so where I've used the... (1 Reply)
Discussion started by: Brad_GNET
1 Replies
Login or Register to Ask a Question