Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

Trapping sudo failures via Net::OpenSSH

by rastoboy (Monk)
on Mar 04, 2011 at 19:42 UTC ( [id://891505]=perlquestion: print w/replies, xml ) Need Help??

rastoboy has asked for the wisdom of the Perl Monks concerning the following question:

Greetings Brothers,

I'm having a surprisingly agonizing time trapping sudo failures via the awesome Net::OpenSSH module.

I've been trying it by using Expect, which I posted about here:
http://perlmonks.org/?node_id=890815

No matter what I do, success works great--successful sudos are not a problem--and I can even trap failures--but once I've failed to sudo I can't do any more Net::OpenSSH commands, and in fact the whole program comes to a screaching halt, unless I ctrl-c or interact in some other way, since it is prompting for another password try.

What I would like to do (I think) is simply attempt to sudo, close that connection, and then try again, this time capturing the output. If I get the expected output, then I know the sudo attempt worked. If I don't, then I need to do something else.

Here is what I'm trying currently:

#!/usr/bin/perl use strict; use warnings; use Net::OpenSSH; foreach my $host (qw/rasto@172.16.0.100 rasto@172.16.0.101/) { my $pass2 = 'orange!'; my $ssh = Net::OpenSSH->new($host); $ssh->error and die "unable to connect to remote host: " . $ssh->error +; $ssh->system('sudo -K'); #just ensuring that sudo prompts for password my ($in, $out, $err, $pid) = $ssh->open3('sudo ls'); sleep 1; print $in $pass2 . "\n"; close $in; close $out; close $err; waitpid ($pid, 0); my $ssh2 = Net::OpenSSH->new($host); $ssh2->error and die "unable to connect to remote host: " . $ssh2->err +or; my @capture = $ssh2->capture('sudo ls 2>&1'); print @capture; }
The first machine has a different sudo password, and thus will fail. But when I try this I get:
rasto@frodo:~/cc$ ./test.pl channel 2: bad ext data channel 2: bad ext data channel 2: bad ext data channel 2: bad ext data channel 2: bad ext data channel 2: bad ext data
And if I hit ctrl-c I'll get the password prompt:
Password:
What I'm kinda thinking is that one of the very cool features of Net::OpenSSH, which I've made heavy use of (thank you Salva!), is that it automagically prompts you if a remote machine puts up a sudo password prompt during a session, and it Just Works. So it's like attaching/re-attaching STDIN, STDOUT intelligently (I presume). But now that functionality is getting in my way?

Replies are listed 'Best First'.
Re: Trapping sudo failures via Net::OpenSSH
by rastoboy (Monk) on Mar 06, 2011 at 18:50 UTC
    Got it! After a process of elimination, I discovered that the weird errors likely had to do with reading/writing to filehandles that weren't ready to be written to/read from, and I recalled Zentara's post to me in a very similar situation:

    http://perlmonks.org/?node_id=884178

    And indeed, I found that utilizing IO::Select to only read/write to known ready filehandles that got rid of the bizarre errors. Then it was just a matter of finding the correct voodoo to keep the program from prompting me (the user) for a password, ever, which was basically a matter of appending a bunch of \n's to the password writing process. Lame, yes--but it works :-)

    If anyone knows of more elegant ways to do this, that would be great, but this works:

    #!/usr/bin/perl use strict; use warnings; use Net::OpenSSH; use IO::Select; foreach my $host (qw/rasto@172.16.0.102 rasto@172.16.0.100/) { print "doing $host\n"; my $pass2 = 'orange!'; my $ssh = Net::OpenSSH->new($host); $ssh->error and die "unable to connect to remote host: " . $ssh->e +rror; $ssh->system('sudo -K'); my( $in, $out, $err, $pid ) = $ssh->open3("sudo ls"); my $sel = new IO::Select( $in, $err ); my( @readready, @writeready ); foreach my $fh ( $sel->can_write(5) ) { if( $fh == $in && fileno $in ) { syswrite( $in, $pass2 . "\n\n\n\n\n\n" ); } } my @output; foreach my $fh ( $sel->can_read(5) ) { print "inside foreach\n"; @output = <$err>; } if( grep { $_ =~ /Sorry/gsm } @output ) { print "fail\n"; } else { print "success!\n"; } close $in; close $out; close $err; }

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://891505]
Approved by toolic
Front-paged by toolic
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others chilling in the Monastery: (7)
As of 2024-03-28 22:20 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found