I'm completely new to the Linux world, but I've been able to complete a few tasks on my own.
Now, I have a task to complete that's driving me crazy.
I need to be able to send the password to sudo, since I can't prompt the user for the password.
What I've been able to find is
echo myPassword | sudo -s
Apparently -s allows sudo to receive the password through command input, and not user input.
I can't render my user so sudo won't ask me for password, since I don't know who will use this script, the script has access to their password and account names, the only thing I need it to be able to automate sudo.
PS: English is not my native language, sorry if I made any mistakes.
Related
I created bash script on Linux Redhat with vim
My script is working well on an user.
I need to esxute on the same script this command
su - root with password
VGDISPLAY -v |grep "LV Status"
the probem is when I execute my script the part of the normal user is done
and the other part with root not done
my question how can I do to execute this
I need to switch in the same script to root
Best regards
I'd recommend not switching to the root user in the script for specific tasks/commands but assigning SUDO privileges to your user (by which you are running the script), and using sudo command in the script for the tasks/commands that need elevations.
Hint: By sudo command you may run a process on behalf of another user (root probably).
If you are not familiar with sudo command or how to assign SUDO privileges to a user, please see the following link or google it.
https://phoenixnap.com/kb/linux-sudo-command
PS. Providing SUDO privileges to a user is configurable whether to be used for all commands or limited commands. For testing purposes, you may configure the user to be able to run all commands with sudo to gain the privileges, but for production use it is strongly recommended to limit the user to be able to use only necessary commands with sudo and nothing more.
Is there any suitable shell script for shutting down or restarting a Linux machine? I have tried a shell script for shutdown, but when I enter sudo shutdown it will ask for the password. How we can enter the password using the script?
Another, in my opinion cleaner approach:
Create a new file in /etc/sudoers.d/ with content:
%users ALL=NOPASSWD: /sbin/shutdown
%users ALL=NOPASSWD: /sbin/reboot
This causes sudo to not ask for the password, if any user of group "users" tries to execute a shutdown or reboot. Of course you can also specify another group, maybe a newly created group for finer control of reboot permissions.
More information about the other possible settings for sudo can be found in the Manpage.
Yes, use the -S switch which reads the password from STDIN:
$echo <password> | sudo -S <command>
So to shut down the machine, your command would be like this (just replace <password> with your password):
$echo <password> | sudo -S poweroff
Exposing your password is generally bad idea search for something that can protect / hide it. In the past I've used Jenkins plugins to do this while executing the scripts regularly.
if you really want to achieve it, you should write a script containing the shutdown command; make root be its owner, then set the SUID bit with the chmod command and give to it executable permission for everybody. When executed, the owner of the script would become root and no password should be asked.
I am trying to create a bash script that starts with the user executing a sudo -s command.
This is my script:
#!/bin/bash
SSH_USER=testuser
SUDO_PASSWD=secretpassword
FILE=/www/a/logs/service.log
MACHINES=( 'machine1' );
for HOST in ${MACHINES[#]}; do
ssh -t -l "$SSH_USER" "$HOST" "echo '$SUDO_PASSWD' | sudo -Ss chmod 777 $FILE"
done
I feel like this script should not prompt me for the password but it does. I do not want to have to input the password 30 different times. I have tried multiple versions where I hard code the password into the script but I still get prompted to enter in a password. HELP ME PLEASE. I'm VERY new at creating bash scripts and need some serious guidance.
The idea you have there will never work as sudo(1) does not read passwords from standard input unless it's a terminal. Hardcoding passwords into a script is also very bad idea, as pointed out repeatedly in comments.
If you really want to make this happen (I recommend against it), you should do edit /etc/sudoers in your target machine to let you run sudo(1) without it asking a password for things you need to be done without a password. For that you should not let yourself run any chmod command lines without a password, but instead create a script in target machine (for example ยด/usr/local/bin/do-my-promiscuous-chmod`) then tell sudo to let you run just that script without asking a password.
For example adding the following to /etc/sudoers will let user "foo" run /usr/local/sbin/do-unsafe without a password and with root privileges:
foo ALL = (root) NOPASSWD: /usr/local/sbin/do-unsafe
Agree with Sami, no hardcoding password in scripts.
more suggestions.
If the script needn't run as root, and can be run by some other application admin account, such as DBA, you should nominate to that user only to limit the permissions, such as:
foo ALL = (dba) NOPASSWD: /usr/local/sbin/do-unsafe
Secondly, don't give any files with 777 permissions, it is unsafe. Think some others way, such as ACL permission set.
chmod 777 $FILE
I am creating multiple users (this case 3 users) on a linux bash script using the line
sudo adduser --force-badname CPE_User"$count"
and I am trying to give those users a password that I assign in the script using:
echo "CPE_User"$count":1234" | chpasswd
but the terminal gives me this message :
Allowing use of questionable username.
adduser: The user `CPE_User1' already exists.
Changing password for CPE_User1.
chpasswd: (user CPE_User1) pam_chauthtok() failed, error:
Authentication token manipulation error
chpasswd: (line 1, user CPE_User1) password not changed
What is the problem?
It says it quite clearly: a user with that name already exists. Linux doesn't allow to have more than one user with the same name...
Not sure what the chpasswd problem might be (you are running it as root, right?) If you can't get chpasswd to work, consider using passwd (potentially via an expect script) - that will work for sure.
I want to change the user in one command line with su
echo password | su user
But this is not working.
Is there a other possibility?
best wishes
First of all: Ask yourself whether it is really necessary for a script to know the password. sudo and SE-Linux usually give you plenty of options to avoid entering passwords.
This being said, su opens its controlling terminal to read the password, not stdin. You can use sudo with the -S option to read the password from stdin.
From sudo's manual:
-S
The -S (stdin) option causes sudo to read the password from the standard input instead of the terminal device. The password must be followed by a newline character.
Do the folowing ..
passwd root
it will ask you for a new password
put it and then you log as administrator and do what you want