A strange request [Solved :) ]

Post here if you are a new Porteus member and you're looking for some help.
User avatar
Ed_P
Contributor
Contributor
Posts: 3066
Joined: 06 Feb 2013, 22:12
Distribution: Cinnamon 3.2.2 64-bit ISO
Location: Western NY, USA

A strange request [Solved :) ]

Post#1 by Ed_P » 22 Jun 2016, 03:52

Is it possible to feed the password to the root id in a script?

I ask because I have a module in my Optional folder that I would like to invoke without having to input the root password to activate it.
Last edited by Ed_P on 23 Jun 2016, 16:09, edited 1 time in total.
Ed

Bogomips
Full of knowledge
Full of knowledge
Posts: 2522
Joined: 25 Jun 2014, 15:21
Distribution: 3.2.2 Cinnamon & KDE5
Location: London

Re: A strange request

Post#2 by Bogomips » 22 Jun 2016, 11:45

Normally use sudo for that. Need a sudoers file if you haven't already got one. Or if you feel that;s too insecure there is Super. Did module for 3.1.
Linux porteus 4.4.0-porteus #3 SMP PREEMPT Sat Jan 23 07:01:55 UTC 2016 i686 AMD Sempron(tm) 140 Processor AuthenticAMD GNU/Linux
NVIDIA Corporation C61 [GeForce 6150SE nForce 430] (rev a2) MemTotal: 901760 kB MemFree: 66752 kB

User avatar
Ed_P
Contributor
Contributor
Posts: 3066
Joined: 06 Feb 2013, 22:12
Distribution: Cinnamon 3.2.2 64-bit ISO
Location: Western NY, USA

Re: A strange request

Post#3 by Ed_P » 22 Jun 2016, 16:20

Bogomips wrote:Normally use sudo for that. Need a sudoers file if you haven't already got one. Or if you feel that;s too insecure there is Super. Did module for 3.1.
Afraid I don't understand Bogomips. Things I have tried:

Code: Select all

su < toor
su < echo toor
echo toor | su
echo toor sudo
echo toor > sudo 
With dismal results.

Code: Select all

guest@porteus:~$ test.sh
+ su
./test.sh: line 5: toor: No such file or directory
+ su toor
./test.sh: line 6: echo: No such file or directory
+ echo toor
+ su
su: must be run from a terminal
+ echo toor sudo
toor sudo
+ echo toor
+ exit
guest@porteus:~$ sudo -help
sudo: Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified
usage: sudo [-D level] -h | -K | -k | -V
usage: sudo -v [-AknS] [-D level] [-g groupname|#gid] [-p prompt] [-u user
            name|#uid]
usage: sudo -l[l] [-AknS] [-D level] [-g groupname|#gid] [-p prompt] [-U user
            name] [-u user name|#uid] [-g groupname|#gid] [command]
usage: sudo [-AbEHknPS] [-C fd] [-D level] [-g groupname|#gid] [-p prompt] [-u
            user name|#uid] [-g groupname|#gid] [VAR=value] [-i|-s] [<command>]
usage: sudo -e [-AknS] [-C fd] [-D level] [-g groupname|#gid] [-p prompt] [-u
            user name|#uid] file ...
I'll Google the sudo file you referenced and see what I can find.
Ed

Bogomips
Full of knowledge
Full of knowledge
Posts: 2522
Joined: 25 Jun 2014, 15:21
Distribution: 3.2.2 Cinnamon & KDE5
Location: London

Re: A strange request

Post#4 by Bogomips » 22 Jun 2016, 17:15

Ed_P wrote:I'll Google the sudo file you referenced and see what I can find.
No need. /etc/sudoers

Code: Select all

guest@porteus:~$ sudo cat /etc/sudoers:
## sudoers file.
##
## This file MUST be edited with the 'visudo' command as root.
## Failure to use 'visudo' may result in syntax or file permission errors
## that prevent sudo from running.
##
## See the sudoers man page for the details on how to write a sudoers file.
##

##
## Host alias specification
##
## Groups of machines. These may include host names (optionally with wildcards),
## IP addresses, network numbers or netgroups.
# Host_Alias	WEBSERVERS = www1, www2, www3

##
## User alias specification
##
## Groups of users.  These may consist of user names, uids, Unix groups,
## or netgroups.
# User_Alias	ADMINS = millert, dowdy, mikef

##
## Cmnd alias specification
##
## Groups of commands.  Often used to group related commands together.
# Cmnd_Alias	PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, \
# 			    /usr/bin/pkill, /usr/bin/top

##
## Defaults specification
##
## You may wish to keep some of the following environment variables
## when running commands via sudo.
##
## Locale settings
# Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET"
##
## Run X applications through sudo; HOME is used to find the
## .Xauthority file.  Note that other programs use HOME to find   
## configuration files and this may lead to privilege escalation!
# Defaults env_keep += "HOME"
##
## X11 resource path settings
# Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH"
##
## Desktop path settings
# Defaults env_keep += "QTDIR KDEDIR"
##
## Allow sudo-run commands to inherit the callers' ConsoleKit session
# Defaults env_keep += "XDG_SESSION_COOKIE"
##
## Uncomment to enable special input methods.  Care should be taken as
## this may allow users to subvert the command being run via sudo.
# Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
##
## Uncomment to enable logging of a command's output, except for
## sudoreplay and reboot.  Use sudoreplay to play back logged sessions.
# Defaults log_output
# Defaults!/usr/bin/sudoreplay !log_output
# Defaults!/usr/local/bin/sudoreplay !log_output
# Defaults!/sbin/reboot !log_output

##
## Runas alias specification
##

##
## User privilege specification
##
root ALL=(ALL) ALL

## Uncomment to allow members of group wheel to execute any command
# %wheel ALL=(ALL) ALL

## Same thing without a password
guest ALL=(ALL) NOPASSWD: ALL

## Uncomment to allow members of group sudo to execute any command
# %sudo	ALL=(ALL) ALL

## Uncomment to allow any user to run sudo if they know the password
## of the user they are running the command as (root by default).
# Defaults targetpw  # Ask for the password of the target user
# ALL ALL=(ALL) ALL  # WARNING: only use this together with 'Defaults targetpw'

## Read drop-in files from /etc/sudoers.d
## (the '#' here does not indicate a comment)
#includedir /etc/sudoers.d
Set pemissions:

Code: Select all

guest@porteus:~$ ls -l /etc/sudoers
-r--r----- 1 root root 2846 Feb 18 21:29 /etc/sudoers
Thereafter

Code: Select all

sudo activate <package>.xzm
:wink:
Linux porteus 4.4.0-porteus #3 SMP PREEMPT Sat Jan 23 07:01:55 UTC 2016 i686 AMD Sempron(tm) 140 Processor AuthenticAMD GNU/Linux
NVIDIA Corporation C61 [GeForce 6150SE nForce 430] (rev a2) MemTotal: 901760 kB MemFree: 66752 kB

donald
Full of knowledge
Full of knowledge
Posts: 1125
Joined: 17 Jun 2013, 13:17
Distribution: Porteus 3.2.2 XFCE 32bit
Location: Germany

Re: A strange request

Post#5 by donald » 22 Jun 2016, 17:17

Hi Ed

Note: I do not have/use sudo -- therefore not tested.

For sudo there is a -S option for accepting the password from standard input.
This would allow you to run a command like:

Code: Select all

echo mypassword | sudo -S mycommand
One would not want to run this if there is any danger of someone else seeing the password
in the shell history -- beware of the risks.

User avatar
Ed_P
Contributor
Contributor
Posts: 3066
Joined: 06 Feb 2013, 22:12
Distribution: Cinnamon 3.2.2 64-bit ISO
Location: Western NY, USA

Re: A strange request

Post#6 by Ed_P » 22 Jun 2016, 17:35

Wow!! Thanks Bogomips.

Did you use visudo to edit the /etc/sudoers file?

Are your changes the removal of the

Code: Select all

guest ALL=(ALL) ALL
line and the edit of

Code: Select all

# %wheel ALL=(ALL) NOPASSWD: ALL
to

Code: Select all

guest ALL=(ALL) NOPASSWD: ALL
See I do read, once I know what to read. :D
Does this change let guest use sudo for all commands? Can it limit guest to just the activate / deactivate commands.

Anyways, thanks again for your help, and quick response. Especially with so much going on today. :lol:
Ed

Bogomips
Full of knowledge
Full of knowledge
Posts: 2522
Joined: 25 Jun 2014, 15:21
Distribution: 3.2.2 Cinnamon & KDE5
Location: London

Re: A strange request

Post#7 by Bogomips » 22 Jun 2016, 17:41

Ed_P wrote: Can it limit guest to just the activate / deactivate commands.
Super will do that. It's one of the modules I've put up for 3.1. Just activate it and read the manual. 8)
Linux porteus 4.4.0-porteus #3 SMP PREEMPT Sat Jan 23 07:01:55 UTC 2016 i686 AMD Sempron(tm) 140 Processor AuthenticAMD GNU/Linux
NVIDIA Corporation C61 [GeForce 6150SE nForce 430] (rev a2) MemTotal: 901760 kB MemFree: 66752 kB

User avatar
Ed_P
Contributor
Contributor
Posts: 3066
Joined: 06 Feb 2013, 22:12
Distribution: Cinnamon 3.2.2 64-bit ISO
Location: Western NY, USA

Re: A strange request

Post#8 by Ed_P » 22 Jun 2016, 17:56

donald wrote:For sudo there is a -S option for accepting the password from standard input.
This would allow you to run a command like:

Code: Select all

echo mypassword | sudo -S mycommand
Hi Don.

I tried that approach a while back

Code: Select all

#!/bin/sh

echo "toor" | sudo -S "chrome.sh";
#http://stackoverflow.com/questions/4857702/how-to-provide-password-to-a-command-that-prompts-for-one-in-bash
exit
which resulted in

Code: Select all

guest@porteus:~$ foe.sh
Password:Activating Chrome module
which did not work for me. The script ran but as guest and thus didn't activate the module. Did I miss something?
Ed

donald
Full of knowledge
Full of knowledge
Posts: 1125
Joined: 17 Jun 2013, 13:17
Distribution: Porteus 3.2.2 XFCE 32bit
Location: Germany

Re: A strange request

Post#9 by donald » 22 Jun 2016, 22:09

Hi Ed

The command would read

Code: Select all

guest@porteus:~$ echo guest | sudo -S activate /home/guest/Downloads/deadbeef-0.4.4-i486-1_SBo.xzm
It has to be guest's Password to trigger "sudo". :wink:

User avatar
Ed_P
Contributor
Contributor
Posts: 3066
Joined: 06 Feb 2013, 22:12
Distribution: Cinnamon 3.2.2 64-bit ISO
Location: Western NY, USA

Re: A strange request

Post#10 by Ed_P » 22 Jun 2016, 23:30

donald wrote:The command would read

Code: Select all

guest@porteus:~$ echo guest | sudo -S activate /home/guest/Downloads/deadbeef-0.4.4-i486-1_SBo.xzm
Thank you Don. :) Actually I've been playing around with this for the last hr or so, reading man sudo and testing various options when I hit upon, I don't need sudo to activate a module. The activate command accepts the pswd directly. :shock:

Code: Select all

echo toor | activate $OPTIONAL/chrome.xzm      > /dev/null 2>&1 &
#and
echo toor | deactivate $OPTIONAL/chrome.xzm    > /dev/null 2>&1 &
work. :Yahoo!:

Thank you guys for helping me with this. :friends: :beer:
Ed

donald
Full of knowledge
Full of knowledge
Posts: 1125
Joined: 17 Jun 2013, 13:17
Distribution: Porteus 3.2.2 XFCE 32bit
Location: Germany

Re: A strange request

Post#11 by donald » 23 Jun 2016, 01:21

@ Ed
Ed_P wrote:The activate command accepts the pswd directly. :shock:
Hmmm...are you sure that you have been "guest"?
I tried this..

Code: Select all

guest@porteus:~/test$ echo toor | activate ./deadbeef.xzm
did not work....the Pw-Gui pops up.
(xfce 3.2rc3 32 Bit always fresh)

User avatar
Ed_P
Contributor
Contributor
Posts: 3066
Joined: 06 Feb 2013, 22:12
Distribution: Cinnamon 3.2.2 64-bit ISO
Location: Western NY, USA

Re: A strange request

Post#12 by Ed_P » 23 Jun 2016, 03:13

donald wrote: Hmmm...are you sure that you have been "guest"?
Definitely.

Code: Select all

guest@porteus:~$ sh fox.sh


guest@porteus:~$ sh fox.sh


guest@porteus:~$ 

Code: Select all

#!/bin/sh

OPTIONAL="/mnt/sda5/porteus3.0/Optional"
TCACHE=/tmp/google-chrome/

#echo toor | sudo -S activate $OPTIONAL/chrome.xzm 
echo toor | activate $OPTIONAL/chrome.xzm      > /dev/null 2>&1 &
read
google-chrome-stable --disk-cache-dir=$TCACHE https://us.forgeofempires.com/page/ > /dev/null 2>&1 &
read
echo toor | deactivate $OPTIONAL/chrome.xzm    > /dev/null 2>&1 &
However...

When I went to run this this time to document my run environment for you I was asked for a password, once. When I reran it I wasn't. Strange. Have to see what happens when I reboot.

What happens if you try

Code: Select all

echo toor | activate  deadbeef.xzm
No ./


I originally signed on to mark the thread Solved.
Ed

User avatar
brokenman
Site Admin
Site Admin
Posts: 5439
Joined: 27 Dec 2010, 03:50
Distribution: Porteus v3.2rcX all desktops
Location: Brazil
Contact:

Re: A strange request

Post#13 by brokenman » 23 Jun 2016, 05:36

Wouldn't it just be easier to use sudo for its intended purpose? You can limit it to certain binaries. This way you only edit one file as opposed to all of your scripts.

Code: Select all

guest ALL=(ALL) NOPASSWD: /opt/porteus-scripts/activate
How do i become super user?
Wear your underpants on the outside and put on a cape.

donald
Full of knowledge
Full of knowledge
Posts: 1125
Joined: 17 Jun 2013, 13:17
Distribution: Porteus 3.2.2 XFCE 32bit
Location: Germany

Re: A strange request

Post#14 by donald » 23 Jun 2016, 12:23

@ Ed
With or without ./..makes no difference.

@ brokenman
It depends..
Yes, if one has only one installation and save changes.
May be, if one has a couple of installations.
No, if one is mostly working in always fresh mode.
(without a changes module, of course) :wink:

User avatar
Ed_P
Contributor
Contributor
Posts: 3066
Joined: 06 Feb 2013, 22:12
Distribution: Cinnamon 3.2.2 64-bit ISO
Location: Western NY, USA

Re: A strange request

Post#15 by Ed_P » 23 Jun 2016, 16:08

donald wrote:@ Ed
With or without ./..makes no difference.
Yeah, I booted today and had to reply the password to both the activate and deactivate. :x Changed back to your sudo -S code and it works. At least so far today, tomorrow who knows.

Code: Select all

   echo toor | sudo -S activate $OPTIONAL/chrome.xzm     > /dev/null 2>&1 &
brokenman wrote:Wouldn't it just be easier to use sudo for its intended purpose?

If we were as half (1/4 actually) as smart as you it would be, but obviously we aren't. :(
You can limit it to certain binaries. This way you only edit one file as opposed to all of your scripts.

Code: Select all

guest ALL=(ALL) NOPASSWD: /opt/porteus-scripts/activate
Thank you brokenman. :beer: Yes, a better solution. :good:

And yes Don I do save changes. And I try to document them for repeating on different systems and for when upgrading systems. And I back them up as xzm modules so I can use them in a read only boot mode. :)

Thanks guys for all your help. :friends:
Ed

Post Reply