Beefy Boxes and Bandwidth Generously Provided by pair Networks
We don't bite newbies here... much
 
PerlMonks  

Executing unix command from script

by Neminath (Initiate)
on Jul 08, 2008 at 16:34 UTC ( #696253=perlquestion: print w/replies, xml ) Need Help??
Neminath has asked for the wisdom of the Perl Monks concerning the following question:

I have trouble in executing command. The command requires root privileges. on my ubuntu box i need to use sudo command which ask for a password which makes my script interactive; which i don't want. Is there any way to avoid it. Any idea something like if i invoke my script with root privileges those privileges are inherited to commands in the script which avoids prompting of password each time. Ubuntu does not allow to login as root. so privileged commands has to be prefixed with sudo.

Replies are listed 'Best First'.
Re: Executing unix command from script
by Tanktalus (Canon) on Jul 08, 2008 at 16:47 UTC

    Welcome to unix. A bit of convolution, but still far simpler than the Windows security model, IMO. (Though still not perfect, but I digress.)

    First off, just because you can't log in as root doesn't mean you can't log in as root. ;-) It just means you can't log in via gdm (the GUI) as root - a good thing by any security-minded definition. You should be able to gain root access in any number of other ways, some requiring a password, others have the password as optional.

    What I've done in the past is set up sudo to allow running of a particular command without a password. In my case, I want to run it as a particular user, so I have:

    %build ALL=(nobody) NOPASSWD: /full/path/to/script
    With this, anyone can run "sudo -u nobody /full/path/to/script" and not be asked for a password. Well, that's great, but a bit cumbersome. So my script does this:
    # Are we the right user? use User::pwent; my $user_wanted = 'nobody'; my $user = getpwnam($user_wanted); if ($< != $user->uid()) { exec(qw(sudo -u), $user_wanted, $0, @ARGV); } [...]
    Now I can just run /full/path/to/script, and it will exec itself as the right user if it isn't already.

    Hope that helps.

Re: Executing unix command from script
by pc88mxer (Vicar) on Jul 08, 2008 at 16:41 UTC
    You can configure sudo to not ask for a password. See the NOPASSWD option in man sudoers.
Re: Executing unix command from script
by moritz (Cardinal) on Jul 08, 2008 at 17:04 UTC
    You can configure sudo so that it doesn't ask for a password when executing particular commands. Note that is a huge security hole if done wrong.

    See man 5 sudoers for a description of the configuration file syntax.

Re: Executing unix command from script
by taffer (Novice) on Jul 08, 2008 at 16:49 UTC
    Another possible solution is to create a shell script or an expect script that could do the sudo cmd and supply the password to it, then call this script from perl. It is a bit of an ugly solution, but should work.
Re: Executing unix command from script
by sgifford (Prior) on Jul 09, 2008 at 02:29 UTC
    Any idea something like if i invoke my script with root privileges those privileges are inherited to commands in the script which avoids prompting of password each time

    That's actually exactly what happens: if your script runs as root, anything it runs will also run as root. If you run your main script under sudo, it will run as root, so none of the commands it runs should need sudo to run.

Re: Executing unix command from script
by philipbailey (Chaplain) on Jul 08, 2008 at 20:47 UTC
    Another way, not mentioned so far, is to set the "setuid" bit on the executable file. This assumes the file is owned by root. Something like:
    chmod u+s script.pl
    As for any method giving ordinary users elevated privileges, there are security issues. You may need to check that Perl has been compiled with the "ENABLE_SUIDPERL" option. There may be other complications--but this is something else for you to consider.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://696253]
Approved by pc88mxer
help
Chatterbox?
[ambrus]: Corion: ah, so you want a library that parses HTTP, and you want to do the IO yourself, and don't want a full AnyEvent wrapper.
[ambrus]: Corion: I think I parsed a HTTP header from a string with LWP once. You can definitely use that to create a HTTP message too. The problme is
[ambrus]: that if you do that, you'd have to find where each HTTP response ends, which is nontrivial if you want persistent connections (essential for performance if you have small requests).
[Corion]: ambrus: Yes, ideally an API that I feed the incoming data piece by piece and that I can ask "is that response done" and "what should I do next" and "please construct the appropriate redirect for me"
[Corion]: ambrus: Yes, ideally the module would do all that nasty stuff for me and give me a way to ask it what the current situation is
[ambrus]: Corion: you could also consider using some wrapper over the multi interface of curl, I think Net::Curl might be a good one, since implementing enough of what it expects from the event loop might be easier than a full AnyEvent interface.
[ambrus]: Corion: you could also consider using IO::Async and its POE driver and some HTTP module for it, but I don't know if that would solve your problems with AnyEvent+POE
[ambrus]: Corion: wait, you didn't say POE. You said Prima, let me look up what that is.
[ambrus]: Corion: have you considered just writing an AnyEvent integration for that thing?

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (16)
As of 2016-12-07 16:04 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    On a regular basis, I'm most likely to spy upon:













    Results (130 votes). Check out past polls.