Home > Archive > PERL Miscellaneous > April 2005 > system() with 2 commands
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
system() with 2 commands
|
|
| sitnam81 2005-04-21, 8:57 pm |
| Base question
--------
Is there a way to perform 2 commands via system()? I would like to
execute a "sudo - root" and then "useradd" (or perhaps a script that
does the "useradd")?
Details
-------
I am relatively new to perl, and I am writing a cgi-script that will be
a front end for adding a user -- it takes input from a form (username,
UID, group, password) and performs in a loop across other servers:
system("ssh", "-l", $user, "-q", $SERVER{$loop}, $addcommand, "| 2>&1
>/dev/null");
I was able to get this working, but the $addcommand is a simple "cat of
a file into a temp file" to confirm it works. I need to perform a
"useradd" with all the options as the root user. The script is run as
a different user, so I will need to su to root (add su - root in
sudoers), and then perform the "useradd" command passing all the
arguements.
| |
|
| sitnam81 <michael.n.palassis@gmail.com> wrote:
> Base question
> --------
> Is there a way to perform 2 commands via system()? I would like to
> execute a "sudo - root" and then "useradd" (or perhaps a script that
> does the "useradd")?
I think you may be confusing 'su' and 'sudo'. With the latter, the
command to be executed is provided at the same time:
sudo -u root useradd
Where you will run into problems is when the stage when you asked for
the root password.
You should look at the Expect.pm module.
Axel
| |
| Gregory Toomey 2005-04-21, 8:57 pm |
| sitnam81 wrote:
> Base question
> --------
> Is there a way to perform 2 commands via system()? I would like to
> execute a "sudo - root" and then "useradd" (or perhaps a script that
> does the "useradd")?
>
> Details
> -------
> I am relatively new to perl, and I am writing a cgi-script that will be
> a front end for adding a user -- it takes input from a form (username,
> UID, group, password) and performs in a loop across other servers:
>
> system("ssh", "-l", $user, "-q", $SERVER{$loop}, $addcommand, "| 2>&1
>
> I was able to get this working, but the $addcommand is a simple "cat of
> a file into a temp file" to confirm it works. I need to perform a
> "useradd" with all the options as the root user. The script is run as
> a different user, so I will need to su to root (add su - root in
> sudoers), and then perform the "useradd" command passing all the
> arguements.
system('command1;command2');
System just passes its arguments to your default shell. You can then use the
usual shell programming constructs.
You many have to be a bit careful if you are doing redirections like your
example, but no more so than if you are doing shell programming.
gtoomey
| |
| sitnam81 2005-04-22, 3:59 pm |
| Does that command work -- "sudo -u root"?
The man for root says -u is for any user OTHER than root:
-u The -u (user) option causes sudo to run the specified
command as a user other than root. To specify a uid
instead of a username, use "#uid".
Thanks for the recommendation about expect, this looks like it will
help with the passwd stuff.
| |
| sitnam81 2005-04-22, 3:59 pm |
| Also the script is giving me errors when i use the ";" between
commands:
$command = "sudo /usr/bin/su - root";
$command2 = "mv $file1 $file2";
$sshserver = servername;
$user = username;
system("ssh", "-l", $user, "-q", $sshserver, $command;$command2);
# ./rsh-test.cgi
syntax error at ./rsh-test.cgi line 24, near "$command;"
syntax error at ./rsh-test.cgi line 24, near "$command2)"
Execution of ./rsh-test.cgi aborted due to compilation errors.
Do you know why this is erroring?
Thanks!
| |
| J. Gleixner 2005-04-22, 3:59 pm |
| sitnam81 wrote:
> Also the script is giving me errors when i use the ";" between
> commands:
>
> $command = "sudo /usr/bin/su - root";
> $command2 = "mv $file1 $file2";
> $sshserver = servername;
> $user = username;
> system("ssh", "-l", $user, "-q", $sshserver, $command;$command2);
>
> # ./rsh-test.cgi
> syntax error at ./rsh-test.cgi line 24, near "$command;"
> syntax error at ./rsh-test.cgi line 24, near "$command2)"
> Execution of ./rsh-test.cgi aborted due to compilation errors.
>
> Do you know why this is erroring?
Post real code!
Ahhh.. it's a syntax error on line 24... Look on line 24. :-)
system('ssh', '-l', $user, '-q', $sshserver, "$command;$command2");
A simpler & slightly less secure approach would be to set up root's ssh
keys (authorized_keys) to let you connect to $sshserver as root. That
way you don't have to run the sudo. If you're going to stick to using
sudo, simply run "sudo mv $file1 $file2", the "su -" will put you into
~root.
Based on the above code, I'd strongly suggest that you read up on sudo
and su before doing or allowing things to be done as root. If I saw
someone trying to do the above on a machine of mine, I'd quickly remove
them from sudoers.
| |
| Tad McClellan 2005-04-22, 3:59 pm |
| sitnam81 <michael.n.palassis@gmail.com> wrote:
> $sshserver = servername;
You should always enable warnings when developing Perl code!
You should put quotes around strings.
> system("ssh", "-l", $user, "-q", $sshserver, $command;$command2);
>
> # ./rsh-test.cgi
> syntax error at ./rsh-test.cgi line 24, near "$command;"
> syntax error at ./rsh-test.cgi line 24, near "$command2)"
> Execution of ./rsh-test.cgi aborted due to compilation errors.
>
> Do you know why this is erroring?
Yes, it is because you are not putting quotes around your strings.
--
Tad McClellan SGML consulting
tadmc@augustmail.com Perl programming
Fort Worth, Texas
| |
| Kevin Collins 2005-04-22, 8:56 pm |
| In article <1114177533.708450.220440@g14g2000cwa.googlegroups.com>, sitnam81
wrote:
> Does that command work -- "sudo -u root"?
> The man for root says -u is for any user OTHER than root:
> -u The -u (user) option causes sudo to run the specified
> command as a user other than root. To specify a uid
> instead of a username, use "#uid".
> Thanks for the recommendation about expect, this looks like it will
> help with the passwd stuff.
It should work just fine. Typically, '-u root' is redundant because the default
user to run as *is* root...
Kevin
--
Unix Guy Consulting, LLC
Unix and Linux Automation, Shell, Perl and CGI scripting
http://www.unix-guy.com
| |
|
| sitnam81 <michael.n.palassis@gmail.com> wrote:
> Does that command work -- "sudo -u root"?
> The man for root says -u is for any user OTHER than root:
> -u The -u (user) option causes sudo to run the specified
> command as a user other than root. To specify a uid
> instead of a username, use "#uid".
It works (at least on MAC OS X) - but you are right, 'sudo' on its
own is sufficient.
Axel
| |
| sitnam81 2005-04-22, 8:56 pm |
| I would love to do this as a non-root user, but I have been
unsuccessful in the future in allow another user to execute a command
(in this case useradd) with variable parameters. Also, I do have ssh
keys setup, but for a non root user -- therefore, I when I ssh into a
server I am not root, but I need to perform a useradd...
Is there a way I could do the following in sudoers (passing the
username/UID/group):
Cmnd_Alias USERADD=useradd -d /export/home/$1 -u $2 -g $3 -s /bin/bash
-m $1
Since I have been unsuccessfule setting up stuff in sudoers with
variable parameters, I figured that I was forced to ssh as a non-root
user, swith to root, and then perform the useradd with the parameters
input from the front-end form.
| |
| Joe Smith 2005-04-23, 8:56 am |
| sitnam81 wrote:
> I do have ssh
> keys setup, but for a non root user -- therefore, I when I ssh into a
> server I am not root
Well, what's stopping you from setting up keys for root access?
root# cat ~user/.ssh/id_root.pub >> ~root/.ssh/authorized_keys
user% ssh -i ~/.ssh/id_root root@localhost
| |
|
| Joe Smith <joe@inwap.com> wrote:
> sitnam81 wrote:
[color=darkred]
> Well, what's stopping you from setting up keys for root access?
>
> root# cat ~user/.ssh/id_root.pub >> ~root/.ssh/authorized_keys
> user% ssh -i ~/.ssh/id_root root@localhost
Because it is a security hole.
At least being able to ssh in as a non-root user and then execute a sudo
command means that full root access is not required. The sudo can be
limited to allow specific commands.
Axel
|
|
|
|
|