I want to write something to visduo and I can't write to /etc/sudoers
for SERVER in $(cat some.txt); do
ssh -q -o StrictHostKeyChecking=no root#$SERVER '
echo 'm2madm ALL=(ALL:ALL) NOPASSWD:/sbin/iptables -L' | sudo EDITOR='tee -a' visudo
'
problem is with '
but I really don't know what I should do, can you help me please?
the output is:
domain_check.sh: line 25: syntax error near unexpected token `('
domain_check.sh: line 25: `echo ('m2madm ALL=(ALL:ALL) NOPASSWD:/sbin/iptables -L' | sudo EDITOR='tee -a' visudo)'
If you want to use variables in the string you sent trough ssh, enclose that string with ". Within the string you should use a single quote ', or escape every double quote \".
Your problem occurs because you "close" the string before you're meaning to. The following should work.
for SERVER in $(cat some.txt); do
ssh -q -o StrictHostKeyChecking=no root#$SERVER "
echo 'm2madm ALL=(ALL:ALL) NOPASSWD:/sbin/iptables -L' | sudo EDITOR='tee -a' visudo
"
done
P.s. there is a shell spell check site in which you can test your code. I don't know which, but I will add it as a comment below my answer.
Related
I am trying to pass the password that contains " character as part of my password in a bash script to sudo -S su. I am running the bash script but I get prompt as bash error: line1 EOF as end to " not found.
Suggest some method to pass the password containing quotes successfully.
echo "pass\"word" | sudo -S su
prompt:
bash error: line1 EOF as end to '"' not found
I want to run the bash script without errors
This error is not caused by the quote in your password, but by the fact that both sudo and the shell spawned by su are trying to read from stdin:
$ bash -c 'pass"word'
bash: -c: line 1: unexpected EOF while looking for matching `"'
bash: -c: line 2: syntax error: unexpected end of file
$ echo 'totallynotmypassword' | sudo -S su
bash: line 1: totallynotmypassword: command not found
As suggested by user KamilCuk, it is better to create a NOPASSWD entry in your sudoers file.
I'm looking to respond to a password prompt in the linux terminal. I know how to do this with echo and a non-password prompt. For example, let's say whatsyourname.sh prompted me for a string with my name after being ran, but didn't allow my name to be passed as an argument in the inital command. I would do the following:
echo -e "dan" | ./whatsyourname.sh
However, if I ran a command that asked me for a password after being ran, the following does not work:
echo -e "supersecurepassword" | sudo apt-get update
I'm guessing this has something to do with the fact that the characters are hidden while a password is being input in the command line. How would I respond to a password prompt within the inital command?
You're looking for sudo -S
Explaining -S - man sudo
-S, --stdin
Write the prompt to the standard error and read the password from the standard input instead of
using the terminal device. The password must be followed by a newline character.
Simple,
#!/bin/bash
echo "notsecure" | sudo -S apt-get update
Variable,
#!/bin/bash
pass="notsecure"
echo $pass | sudo -S apt-get update
Lets still type it,
#!/bin/bash
read -s -p "[sudo] sudo password for $(whoami): " pass
echo $pass | sudo -S apt-get update
Explaining -s and -p - help read
-r do not allow backslashes to escape any characters
-s do not echo input coming from a terminal
Handy if you make a script that logs into multiple servers to view route -n for example.
I am trying to disable RHN check when running yum on 1000 servers. It is done by:
Editing this file /etc/yum/pluginconf.d/rhnplugin.conf
[main]
enabled = 0
I wrote a script to do this remotely. We are using individual accounts and I need to execute this command using SUDO:
for HOST in $(cat serverlist ) ; do echo $HOST; ssh -o ConnectTimeout=5 -oStrictHostKeyChecking=no $HOST -t 'sudo cp /etc/yum/pluginconf.d/rhnplugin.conf /etc/yum/pluginconf.d/rhnplugin.$(date +%F) ; sudo sed -i -e "s/1/0/g" /etc/yum/pluginconf.d/rhnplugin.conf ' ; done
I know it is a long line but why does it not work?
All individual commands work on their own
sudo cp /etc/yum/pluginconf.d/rhnplugin.conf /etc/yum/pluginconf.d/rhnplugin.$(date +%F)
sudo sed -i -e "s/1/0/g" /etc/yum/pluginconf.d/rhnplugin.conf
have tried escaping the special chars:
sudo sed -i -e "s\/1\/0\/g" /etc/yum/pluginconf.d/rhnplugin.conf
But I get an error all the time:
sed: -e expression #1, char 1: unknown command: `?'
Thanks for your help.
The sudo(1) command expects a pseudo-teletype (pty) and fails if it does not see one. Rewrite your command line to use su(1) instead. Use your local sudo(1) configuration to limit access to this script so only the select few can execute the script.
I actually found the answer to this question, or rather workaround. See the snippet below, where I got to -as root- ssh as me (szymonri) to other host, then invoke sed command as root in order to edit /etc/hosts file. All thanks to base64 magic.
ME=`echo -e "$(hostname -I | awk '{print $1}')\toverlord"`
B64ENC=`echo "sed -i 's/.*overlord/$ME/g' /etc/hosts" | base64`
su - szymonri sh -c "ssh jetson bash -c \\\"echo $B64ENC \| base64 --decode \| sudo bash \\\""
line: I"m obtaining m yown IP address as an /etc/hosts line
line: I'm base64 encoding sed command with the first line in it.
line: I'm invoking the SSH shenannigan, where I su as regular user, ssh to another box as the user, and use power of sudo to edit the file.
My script is as below.
#!/bin/bash
version = 1.1
echo "Enter username"
read UserName
ssh -t $UserName#server bash -c " '
./runSomeScript
echo "Entering Sudo"
sudo -s -u user1 -c "cd random; ./randomscrip xx-$version-yy"
'"
But this is not working.
Basically i want to do a ssh to a account. And then runSomeScript
Then do a sudo with user as user1 and then run commands cd random and ./randomscrip (with xx-Version-yy as argument) as the sudo user only.
But the commands inside sudo are not working.
Your quoting is a little careless. You're using double-quotes for the first and third levels of quoting, and the shell can't tell one from the other. Do something like this instead:
sudoScript="cd random; ./randomscrip xx-${version}-yy"
sshScript='
./runSomeScript
echo "Entering Sudo"
sudo -s -u user1 bash -c '"'${sudoScript}'"'
'
ssh -t ${UserName}#server "${sshScript}"
But beware that if you embed any single-quotes, it will still go wrong unless you add a layer of shell-quoting.
Finally, remove the spaces around = when you assign to version.
I have a situation that I need to append several lines(ip and hosts) from a file to /etc/hosts.
If I execute the below command
sshpass -p password cat /tmp/hosts |sudo tee -a /etc/hosts
I am getting
sudo: no tty present and no askpass program specified.
Sorry, try again.
sudo: no tty present and no askpass program specified. Sorry, try again.
sudo: no tty present and no askpass program specified. Sorry, try again.
sudo: 3 incorrect password attempts
Any alternatives to this?
How about
sudo -S sh -c 'cat /tmp/hosts >> /etc/hosts' <<< "password"
It's best to contain redirections for sudo within a subshell so that the elevated permissions are applied to opening the destination file.
ref: See https://stackoverflow.com/a/4327123/7552
The error you face comes from the fact that sshpass tries to send the password to cat, not to sudo. Your command line should have, in theory, looked rather like this:
cat /tmp/hosts |sshpass -p password sudo tee -a /etc/hosts
but sshpass does not forward stdin to sudo so this is a dead end. (sudo does forward stdin though that is why something like sudo tee works)
You could do something like this
sshpass -p password sudo echo "Hello"
cat /tmp/hosts | sudo tee -a /etc/hosts
so that the second call to sudo does not require a password.
Another option is to embed the cat and the redirection in a shell script and then just
sshpass -p password sudo ./thescript.sh
Or you can, as #glennjackman wrote, embed the cat and the redirection in a subshell:
sshpass -p password sudo sh -c 'cat /tmp/hosts >> /etc/hosts'
And of course, you can configure sudo to not require passwords.