cancel
Showing results for 
Search instead for 
Did you mean: 

Need help in scripting -

 
girish23
Occasional Visitor

Need help in scripting -

In Linux, when a normal user enters below command, the OS will prompt for his local password.. This is the interactive way of doing..

$ sudo su -
Password:

I need advise on how to automate this.. I stored local account password in a file and when I run below command, it still prompts me for password.

$ cat > /tmp/junkfile
mypassword
$ sudo su - < /tmp/junkfile
Password:

How can this be automated.. actually this a part of my scripts which I'm working...

THANK YOU in advance!!

Regards,
Girish


1 REPLY
Matti_Kurkela
Honored Contributor

Re: Need help in scripting -

Security-sensitive commands like passwd, su and sudo will not obey I/O redirection. This is intentional.

If you want a normal user to be able to do something as root, you should use the "visudo" command to add a line like this to the sudo configuration:

normaluser hostname = (root) NOPASSWD: somecommand

For example: if you want to allow user "girish23" to run /usr/local/bin/rootstuff.sh as root on system "host1", you would add this line to sudo configuration:

girish23 host1 = (root) NOPASSWD: /usr/local/bin/rootstuff.sh

Now, as a normal user girish23, it should be possible to run:

sudo /usr/local/bin/rootstuff.sh

If /usr/local/bin is listed in the PATH environment variable, it is possible to leave out the path:

sudo rootstuff.sh

It's even possible to use I/O redirection and command line arguments:

sudo rootstuff.sh -something somefile < foo > bar

Of course, when you allow normal (non-sysadmin) users to run a script as root, you should make sure the permissions of the script won't allow those users to edit the script: if the script can be modified, you've just given the users a way to do anything they want as root.

----

By the way, when you use "sudo su -", you're using two tools when one would be enough. "sudo -i" will do exactly the same thing, Of course, if your sudo configuration only allows you to run "sudo su -", then that's what you must do... unless you change the sudo configuration to explicitly allow running all commands as root:
girish23 host1 = (root) ALL

MK
MK