Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

Sudo password in shell file

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Sudo password in shell file
# 1  
Old 09-04-2018
Sudo password in shell file
Hi all,

I have a script like this, where i am trying to login into oracle db via ssh and do a account unlock.
Code:
#!/bin/sh
ip=$1
os_user=$2
key=$3
ou_user=$4
ou_pass=$5
unlock_user=$6
ssh -i $key $os_user@$ip
sudo -u $ou_user -p $ou_pass   -- i am getting error here...its not taking sudo password
. PRD 
"sqlplus / as sysdba<<EOF
ALTER USER $unlock_user ACCOUNT UNLOCK;   
EOF  
"

any suggestion please.
Last edited by onenessboy; 09-04-2018 at 07:40 AM..
# 2  
Old 09-04-2018
Have you looked into sshpass ?
# 3  
Old 09-04-2018
Quote:
Originally Posted by Neo
Have you looked into sshpass ?
Hi Neo,

Thanks for reply, ssh is not an issue here as we are .using pem key as authentication for ssh login which is working fine till that point no issue , script logging into ssh successfully(i broke my code for debug purpose so...ssh login is working fine)

only issue is in sudo command..how to mention password along with sudo user name.

I read some google article that, sudo wont take password as parameter
# 4  
Old 09-04-2018
-p is not interactive password input option for sudo command.
There is no such feature or switch.

Please correct the steps for better understanding, you are :
1. sshing to box hosting Oracle database as some generic user.
2. You wish to change the user to oracle user (the user under which the database is ran).
3. Source a file, after which you issue unlock of oracle database account.

If i'm not mistaken, a SYSTEM user should have required privilege to UNLOCK account, and you should be able to connect to database in standard way (sqlplus, toad etc.) and SYSTEM user ?
Why do you require ssh and sudo to do this operation ?

Why not use a DBA_DIRECTORIES or EXTERNAL TABLE in which a sshed user will write a simple text file and oracle will process via internal scheduler and/or procedure.

Use the database software you are paying gold for, you are over complicating it Smilie

Hope that helps
Regards
Peasant.
# 5  
Old 09-04-2018
Quote:
Originally Posted by Peasant
-p is not interactive password input option for sudo command.
There is no such feature or switch.

Please correct the steps for better understanding, you are :
1. sshing to box hosting Oracle database as some generic user.
2. You wish to change the user to oracle user (the user under which the database is ran).
3. Source a file, after which you issue unlock of oracle database account.

If i'm not mistaken, a SYSTEM user should have required privilege to UNLOCK account, and you should be able to connect to database in standard way (sqlplus, toad etc.) and SYSTEM user ?
Why do you require ssh and sudo to do this operation ?

Why not use a DBA_DIRECTORIES or EXTERNAL TABLE in which a sshed user will write a simple text file and oracle will process via internal scheduler and/or procedure.

Use the database software you are paying gold for, you are over complicating it Smilie

Hope that helps
Regards
Peasant.
Hi Peasant,

Thanks for your reply.

Oh my bad.. yeah, mentioned steps are correct which i m trying to acheive..
sorry..my bad...

Code:
sudo -u $ou_user -p $ou_pass

should be
Code:
su -u $ou_user -p $ou_pass

Yes below is correct which I trying to achieve
Code:
Please correct the steps for better understanding, you are :
1. sshing to box hosting Oracle database as some generic user.
2. You wish to change the user to oracle user (the user under which the database is ran).
3. Source a file, after which you issue unlock of oracle database account

the . PRD is environment file which export variables

Code:
[oracle@prddb . PRD   
[oracle@prddb cat PRD   
ORACLE SID=PRD   
ORACLE BASE=" /dbusr/app/oracle/product"   
ORACLE HOME=" /dbusr/app/orac1e/product/12102"   
LD_LIBRARY_PATH="$ORACLE_HOME/lib"   
TNS_ADMIN="$ORACLE_HOME/network/admin"   
LIBPATH="$ORACLE_HOME/lib"  
ORA NLS="/dbusr/app/orac1e/product/12102/ocommon/n1s/admin/data"   
ORA NLS33=" /dbusr/app/orac1e/product/12102/ocommon/n1s/admin/data"   
export ORACLE_BASE ORACLE_HOME   
export PATH LD_LIBRARY_PATH LIBPATH  
export TNS_ADMIN   
export ORACLE_SID

Quote:
Why do you require ssh and sudo to do this operation ?
I can login via sysdba to unlock the account after switching to oracle user
Last edited by onenessboy; 09-04-2018 at 12:50 PM..
# 6  
Old 09-04-2018
Presumably the sudo rule that matches your request is prompting for a password. It could be set up to not ask for a password, but that needs to be done carefully to avoid exposing you to risk.

Do you know which rule is being used to grant your access (with the password) to do what you want?



Robin
# 7  
Old 09-04-2018
Quote:
Originally Posted by rbatte1
Presumably the sudo rule that matches your request is prompting for a password. It could be set up to not ask for a password, but that needs to be done carefully to avoid exposing you to risk.

Do you know which rule is being used to grant your access (with the password) to do what you want?



Robin
Hi Robin,

its not sudo , its just su - $ou_user (this is oracle user)

What i am trying to do is once i login to box with generic user then i am trying to switch to ou_user (which is oracle) which mandatorily having password(which i know)

Only issue is I am not able to use password(for oracle user) within script
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Sudo reads password from a .cfg file

cleanwork /saswork removes sas orphanded processes in the saswork directory. Subdirectories under sasem are sas94, sas92 and sasworks . I am getting the following error messages: 1. '/usr/bin/sudo -S apt-get update <~/opt/SiM/pos/ps/db_auth.cfg... (4 Replies)
Discussion started by: dellanicholson
4 Replies

2. UNIX for Dummies Questions & Answers

Sudo -s without password prompt

hi, i have a requirement where i need to sudo to another user in the shell script.suppose consider user A and B, first user A calls a shell script and then i need to sudo to user B which executes another shell script inside the earlier one. also this needs to be automated like while sudo'ing to... (3 Replies)
Discussion started by: krk
3 Replies

3. Red Hat

Sudo + Nohup = no password?

Little confused here When i go to run sudo nohup ./script.ksh & I dont get asked for a password. It starts a process ID, I can see it when i do a ps -ef | grep script. But I dont get an output file from my script, so its not doing anything. What gives? does it have to do the "&" ? ... (4 Replies)
Discussion started by: nitrobass24
4 Replies

4. Shell Programming and Scripting

ssh foo.com sudo command - Prompts for sudo password as visible text. Help?

I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this: #!/bin/bash rsync /path/on/local/machine/ foo.com:path/on/remote/machine/ ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
Discussion started by: fluoborate
9 Replies

5. Shell Programming and Scripting

password in sudo script

salmo allikm warhmat allah wabrakato i want to do script with sudo like sudo su and want to put password in the script not get from user because i to made it startup when booting and i don't know how put in script for sudo thanks (5 Replies)
Discussion started by: pua06
5 Replies

6. AIX

Sudo ask for password

Hello I have a partition with Aix 5.3 and I install sudo I put the commands that I want to use x user and I put the option that donkask for password. But when I run with this user and I try to run that commands. ask me for a password. I put this line for no ask for password with that... (2 Replies)
Discussion started by: lo-lp-kl
2 Replies

7. Shell Programming and Scripting

sudo command with password

Hello everybody, Say I forgot my root password (shit happens, no?) and I'd like to brutally try 100 possibilities to delete a file using sudo. How can I make a script that tries all the passwords? The following doesn't work. Do you have a clue? foo:~$ cat test sudo rm dummy <<< 'password' echo... (1 Reply)
Discussion started by: chebarbudo
1 Replies

8. Shell Programming and Scripting

verify sudo password

edited and removed (0 Replies)
Discussion started by: mdpalow
0 Replies

9. Linux

sudo, root password

Hi all.. I'm secering a RH 2.1 server, with gnome (not my choice...), as X manager. Is ther anyway to get sudo ask for root password other then the actual user's password? Like when you launch the graphical IHM to create a new user, it asks for root's password? Is there a way to do the same... (5 Replies)
Discussion started by: penguin-friend
5 Replies

10. UNIX for Dummies Questions & Answers

sudo in OS X shell script without password prompt??

I've written a shell script to alter a particular preference file on OS X (10.3.9), which works fine (tested by running the script from the terminal sat in front of the box). Problem is, I now have to run this script remotely across a number of machines via remote desktop, so where I've used the... (1 Reply)
Discussion started by: Brad_GNET
1 Replies
Login or Register to Ask a Question