Loading ...
Sorry, an error occurred while loading the content.

RE: [PBML] Net:: Telnet and sudo problem

Expand Messages
  • Dukelow, Don
    First I have no control over the sudoers file, the customer would never allow a NOPASSWD entry in it. Secondly I ve tried redirecting the command output into
    Message 1 of 3 , Jul 3, 2007
    • 0 Attachment
      First I have no control over the sudoers file, the customer would never
      allow a NOPASSWD entry in it. Secondly I've tried redirecting the
      command output into a file to copy back, but for some reason the
      redirect doesn't work either under sudo. If I do anything with sudo,
      either sudo <command> or sudo su -, all I get back is a 1 or 0 for
      success or failure. The Dump_log and Input_log shows the commands
      executed successfully. Sudo seams to put an extra wrapper around
      Net::Telnet that I haven't figured out how to get around. Does anyone
      have any other ideas.


      -----
      Don Dukelow
      HP UNIX OVO Enrollment
      Hewlett-Packard Company
      e-mail: dukelow@...
      URL: http://www.hp.ca

      -----Original Message-----
      From: Rob Biedenharn [mailto:Rob@...]
      Sent: Monday, July 02, 2007 5:44 PM
      To: Dukelow, Don
      Subject: Re: [PBML] Net:: Telnet and sudo problem

      On Jul 2, 2007, at 2:06 PM, Dukelow, Don wrote:
      > I've posted this before a after several suggestion offline it was
      > suggested to repost to all.
      >
      > I'm using Net::telnet to log into a remote server and once there I
      > issue the following commands.
      >
      > my @answer = $TELNET->print('sudo df -k');
      > $TELNET->waitfor('/Password:/i'); $TELNET->print($PASSWD);
      >
      > print "TEST @answer\n";
      >
      > If I do this without sudo it works fine, but the shell script I want
      > to run requires root access this the need for sudo.
      >
      > The dump_log puts this out!
      > 0x00000: 73 75 64 6f 20 64 66 20 2d 6b 0d 0a sudo df
      > -k..
      >
      > < 0x00000: 73 75 64 6f 20 64 66 20 2d 6b 0d 0a sudo df
      > -k..
      >
      > < 0x00000: 50 61 73 73 77 6f 72 64 3a
      > Password:
      >
      > > 0x00000: XX XX XX XX XX XX XX XX XX XX
      > xxxxxx
      >
      >
      > The only thing I get back in @answer is a 1, not the output from df
      > -k.
      > I believe the "1" coming back is from the successful password entry.
      > How can I get the results back from the df or any other command/
      > script I want through sudo?
      > -----
      > Don Dukelow
      > HP UNIX OVO Enrollment
      > Hewlett-Packard Company
      > e-mail: dukelow@...
      > URL: http://www.hp.ca

      You can add 'NOPASSWD:' in front of the df line in the sudoers file
      and allow certain commands to be run without requiring a password.
      Alternatively, you could run some other command with sudo first and then
      the df command wouldn't need a password (if your sudo is configured to
      have a timeout on the authentication step as most do).

      You'll probably notice that your password has magically appeared.
      You need to sanitize the hex dump as well as the ASCII part to keep such
      things secret. Besides, it's not a good idea to hardcode passwords in
      scripts anyway.

      -Rob


      Rob Biedenharn http://agileconsultingllc.com
      Rob@...
      +1 513-295-4739
      Skype: rob.biedenharn
    • aditi gupta
      Hello All: Which one of the two versions of blessing is better? The two parameter version. e.g. bless $objref, $class; Or the no parameter version. What
      Message 2 of 3 , Jul 6, 2007
      • 0 Attachment
        Hello All:

        Which one of the two versions of blessing is better?
        The 'two parameter' version. e.g. bless $objref, $class;
        Or the 'no parameter' version.

        What are the advantages of one over the other? Or is there any difference at all?

        Thanks!

        Aditi

        Send free SMS to your Friends on Mobile from your Yahoo! Messenger. Download Now! http://messenger.yahoo.com/download.php

        [Non-text portions of this message have been removed]
      • merlyn@stonehenge.com
        ... aditi Which one of the two versions of blessing is better? aditi The two parameter version. e.g. bless $objref, $class; aditi Or the no parameter
        Message 3 of 3 , Jul 6, 2007
        • 0 Attachment
          >>>>> "aditi" == aditi gupta <aditi9783@...> writes:

          aditi> Which one of the two versions of blessing is better?
          aditi> The 'two parameter' version. e.g. bless $objref, $class;
          aditi> Or the 'no parameter' version.

          One-argument "bless" was a mistake. Always use the two-argument version.

          --
          Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
          <merlyn@...> <URL:http://www.stonehenge.com/merlyn/>
          Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
          See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
        Your message has been successfully submitted and would be delivered to recipients shortly.