A strange request [Solved :) ]
- Ed_P
- Contributor
- Posts: 8368
- Joined: 06 Feb 2013, 22:12
- Distribution: Cinnamon 5.01 ISO
- Location: Western NY, USA
A strange request [Solved :) ]
Is it possible to feed the password to the root id in a script?
I ask because I have a module in my Optional folder that I would like to invoke without having to input the root password to activate it.
I ask because I have a module in my Optional folder that I would like to invoke without having to input the root password to activate it.
Last edited by Ed_P on 23 Jun 2016, 16:09, edited 1 time in total.
Ed
-
- Full of knowledge
- Posts: 2564
- Joined: 25 Jun 2014, 15:21
- Distribution: 3.2.2 Cinnamon & KDE5
- Location: London
Re: A strange request
Normally use sudo for that. Need a sudoers file if you haven't already got one. Or if you feel that;s too insecure there is Super. Did module for 3.1.
Linux porteus 4.4.0-porteus #3 SMP PREEMPT Sat Jan 23 07:01:55 UTC 2016 i686 AMD Sempron(tm) 140 Processor AuthenticAMD GNU/Linux
NVIDIA Corporation C61 [GeForce 6150SE nForce 430] (rev a2) MemTotal: 901760 kB MemFree: 66752 kB
NVIDIA Corporation C61 [GeForce 6150SE nForce 430] (rev a2) MemTotal: 901760 kB MemFree: 66752 kB
- Ed_P
- Contributor
- Posts: 8368
- Joined: 06 Feb 2013, 22:12
- Distribution: Cinnamon 5.01 ISO
- Location: Western NY, USA
Re: A strange request
Afraid I don't understand Bogomips. Things I have tried:Bogomips wrote:Normally use sudo for that. Need a sudoers file if you haven't already got one. Or if you feel that;s too insecure there is Super. Did module for 3.1.
Code: Select all
su < toor
su < echo toor
echo toor | su
echo toor sudo
echo toor > sudo
Code: Select all
guest@porteus:~$ test.sh
+ su
./test.sh: line 5: toor: No such file or directory
+ su toor
./test.sh: line 6: echo: No such file or directory
+ echo toor
+ su
su: must be run from a terminal
+ echo toor sudo
toor sudo
+ echo toor
+ exit
guest@porteus:~$ sudo -help
sudo: Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified
usage: sudo [-D level] -h | -K | -k | -V
usage: sudo -v [-AknS] [-D level] [-g groupname|#gid] [-p prompt] [-u user
name|#uid]
usage: sudo -l[l] [-AknS] [-D level] [-g groupname|#gid] [-p prompt] [-U user
name] [-u user name|#uid] [-g groupname|#gid] [command]
usage: sudo [-AbEHknPS] [-C fd] [-D level] [-g groupname|#gid] [-p prompt] [-u
user name|#uid] [-g groupname|#gid] [VAR=value] [-i|-s] [<command>]
usage: sudo -e [-AknS] [-C fd] [-D level] [-g groupname|#gid] [-p prompt] [-u
user name|#uid] file ...
Ed
-
- Full of knowledge
- Posts: 2564
- Joined: 25 Jun 2014, 15:21
- Distribution: 3.2.2 Cinnamon & KDE5
- Location: London
Re: A strange request
No need. /etc/sudoersEd_P wrote:I'll Google the sudo file you referenced and see what I can find.
Code: Select all
guest@porteus:~$ sudo cat /etc/sudoers:
## sudoers file.
##
## This file MUST be edited with the 'visudo' command as root.
## Failure to use 'visudo' may result in syntax or file permission errors
## that prevent sudo from running.
##
## See the sudoers man page for the details on how to write a sudoers file.
##
##
## Host alias specification
##
## Groups of machines. These may include host names (optionally with wildcards),
## IP addresses, network numbers or netgroups.
# Host_Alias WEBSERVERS = www1, www2, www3
##
## User alias specification
##
## Groups of users. These may consist of user names, uids, Unix groups,
## or netgroups.
# User_Alias ADMINS = millert, dowdy, mikef
##
## Cmnd alias specification
##
## Groups of commands. Often used to group related commands together.
# Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, \
# /usr/bin/pkill, /usr/bin/top
##
## Defaults specification
##
## You may wish to keep some of the following environment variables
## when running commands via sudo.
##
## Locale settings
# Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET"
##
## Run X applications through sudo; HOME is used to find the
## .Xauthority file. Note that other programs use HOME to find
## configuration files and this may lead to privilege escalation!
# Defaults env_keep += "HOME"
##
## X11 resource path settings
# Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH"
##
## Desktop path settings
# Defaults env_keep += "QTDIR KDEDIR"
##
## Allow sudo-run commands to inherit the callers' ConsoleKit session
# Defaults env_keep += "XDG_SESSION_COOKIE"
##
## Uncomment to enable special input methods. Care should be taken as
## this may allow users to subvert the command being run via sudo.
# Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
##
## Uncomment to enable logging of a command's output, except for
## sudoreplay and reboot. Use sudoreplay to play back logged sessions.
# Defaults log_output
# Defaults!/usr/bin/sudoreplay !log_output
# Defaults!/usr/local/bin/sudoreplay !log_output
# Defaults!/sbin/reboot !log_output
##
## Runas alias specification
##
##
## User privilege specification
##
root ALL=(ALL) ALL
## Uncomment to allow members of group wheel to execute any command
# %wheel ALL=(ALL) ALL
## Same thing without a password
guest ALL=(ALL) NOPASSWD: ALL
## Uncomment to allow members of group sudo to execute any command
# %sudo ALL=(ALL) ALL
## Uncomment to allow any user to run sudo if they know the password
## of the user they are running the command as (root by default).
# Defaults targetpw # Ask for the password of the target user
# ALL ALL=(ALL) ALL # WARNING: only use this together with 'Defaults targetpw'
## Read drop-in files from /etc/sudoers.d
## (the '#' here does not indicate a comment)
#includedir /etc/sudoers.d
Code: Select all
guest@porteus:~$ ls -l /etc/sudoers
-r--r----- 1 root root 2846 Feb 18 21:29 /etc/sudoers
Code: Select all
sudo activate <package>.xzm
Linux porteus 4.4.0-porteus #3 SMP PREEMPT Sat Jan 23 07:01:55 UTC 2016 i686 AMD Sempron(tm) 140 Processor AuthenticAMD GNU/Linux
NVIDIA Corporation C61 [GeForce 6150SE nForce 430] (rev a2) MemTotal: 901760 kB MemFree: 66752 kB
NVIDIA Corporation C61 [GeForce 6150SE nForce 430] (rev a2) MemTotal: 901760 kB MemFree: 66752 kB
-
- Full of knowledge
- Posts: 2069
- Joined: 17 Jun 2013, 13:17
- Distribution: Porteus 3.2.2 XFCE 32bit
- Location: Germany
Re: A strange request
Hi Ed
Note: I do not have/use sudo -- therefore not tested.
For sudo there is a -S option for accepting the password from standard input.
This would allow you to run a command like:
One would not want to run this if there is any danger of someone else seeing the password
in the shell history -- beware of the risks.
Note: I do not have/use sudo -- therefore not tested.
For sudo there is a -S option for accepting the password from standard input.
This would allow you to run a command like:
Code: Select all
echo mypassword | sudo -S mycommand
in the shell history -- beware of the risks.
- Ed_P
- Contributor
- Posts: 8368
- Joined: 06 Feb 2013, 22:12
- Distribution: Cinnamon 5.01 ISO
- Location: Western NY, USA
Re: A strange request
Wow!! Thanks Bogomips.
Did you use visudo to edit the /etc/sudoers file?
Are your changes the removal of the line and the edit of to See I do read, once I know what to read.
Does this change let guest use sudo for all commands? Can it limit guest to just the activate / deactivate commands.
Anyways, thanks again for your help, and quick response. Especially with so much going on today.
Did you use visudo to edit the /etc/sudoers file?
Are your changes the removal of the
Code: Select all
guest ALL=(ALL) ALL
Code: Select all
# %wheel ALL=(ALL) NOPASSWD: ALL
Code: Select all
guest ALL=(ALL) NOPASSWD: ALL
Does this change let guest use sudo for all commands? Can it limit guest to just the activate / deactivate commands.
Anyways, thanks again for your help, and quick response. Especially with so much going on today.
Ed
-
- Full of knowledge
- Posts: 2564
- Joined: 25 Jun 2014, 15:21
- Distribution: 3.2.2 Cinnamon & KDE5
- Location: London
Re: A strange request
Super will do that. It's one of the modules I've put up for 3.1. Just activate it and read the manual. 8)Ed_P wrote: Can it limit guest to just the activate / deactivate commands.
Linux porteus 4.4.0-porteus #3 SMP PREEMPT Sat Jan 23 07:01:55 UTC 2016 i686 AMD Sempron(tm) 140 Processor AuthenticAMD GNU/Linux
NVIDIA Corporation C61 [GeForce 6150SE nForce 430] (rev a2) MemTotal: 901760 kB MemFree: 66752 kB
NVIDIA Corporation C61 [GeForce 6150SE nForce 430] (rev a2) MemTotal: 901760 kB MemFree: 66752 kB
- Ed_P
- Contributor
- Posts: 8368
- Joined: 06 Feb 2013, 22:12
- Distribution: Cinnamon 5.01 ISO
- Location: Western NY, USA
Re: A strange request
Hi Don.donald wrote:For sudo there is a -S option for accepting the password from standard input.
This would allow you to run a command like:Code: Select all
echo mypassword | sudo -S mycommand
I tried that approach a while back
Code: Select all
#!/bin/sh
echo "toor" | sudo -S "chrome.sh";
#http://stackoverflow.com/questions/4857702/how-to-provide-password-to-a-command-that-prompts-for-one-in-bash
exit
Code: Select all
guest@porteus:~$ foe.sh
Password:Activating Chrome module
Ed
-
- Full of knowledge
- Posts: 2069
- Joined: 17 Jun 2013, 13:17
- Distribution: Porteus 3.2.2 XFCE 32bit
- Location: Germany
Re: A strange request
Hi Ed
The command would read
It has to be guest's Password to trigger "sudo".
The command would read
Code: Select all
guest@porteus:~$ echo guest | sudo -S activate /home/guest/Downloads/deadbeef-0.4.4-i486-1_SBo.xzm
- Ed_P
- Contributor
- Posts: 8368
- Joined: 06 Feb 2013, 22:12
- Distribution: Cinnamon 5.01 ISO
- Location: Western NY, USA
Re: A strange request
Thank you Don. Actually I've been playing around with this for the last hr or so, reading man sudo and testing various options when I hit upon, I don't need sudo to activate a module. The activate command accepts the pswd directly.donald wrote:The command would readCode: Select all
guest@porteus:~$ echo guest | sudo -S activate /home/guest/Downloads/deadbeef-0.4.4-i486-1_SBo.xzm
Code: Select all
echo toor | activate $OPTIONAL/chrome.xzm > /dev/null 2>&1 &
#and
echo toor | deactivate $OPTIONAL/chrome.xzm > /dev/null 2>&1 &
Thank you guys for helping me with this.
Ed
-
- Full of knowledge
- Posts: 2069
- Joined: 17 Jun 2013, 13:17
- Distribution: Porteus 3.2.2 XFCE 32bit
- Location: Germany
Re: A strange request
@ Ed
I tried this..
did not work....the Pw-Gui pops up.
(xfce 3.2rc3 32 Bit always fresh)
Hmmm...are you sure that you have been "guest"?Ed_P wrote:The activate command accepts the pswd directly.
I tried this..
Code: Select all
guest@porteus:~/test$ echo toor | activate ./deadbeef.xzm
(xfce 3.2rc3 32 Bit always fresh)
- Ed_P
- Contributor
- Posts: 8368
- Joined: 06 Feb 2013, 22:12
- Distribution: Cinnamon 5.01 ISO
- Location: Western NY, USA
Re: A strange request
Definitely.donald wrote: Hmmm...are you sure that you have been "guest"?
Code: Select all
guest@porteus:~$ sh fox.sh
guest@porteus:~$ sh fox.sh
guest@porteus:~$
Code: Select all
#!/bin/sh
OPTIONAL="/mnt/sda5/porteus3.0/Optional"
TCACHE=/tmp/google-chrome/
#echo toor | sudo -S activate $OPTIONAL/chrome.xzm
echo toor | activate $OPTIONAL/chrome.xzm > /dev/null 2>&1 &
read
google-chrome-stable --disk-cache-dir=$TCACHE https://us.forgeofempires.com/page/ > /dev/null 2>&1 &
read
echo toor | deactivate $OPTIONAL/chrome.xzm > /dev/null 2>&1 &
When I went to run this this time to document my run environment for you I was asked for a password, once. When I reran it I wasn't. Strange. Have to see what happens when I reboot.
What happens if you try
Code: Select all
echo toor | activate deadbeef.xzm
I originally signed on to mark the thread Solved.
Ed
- brokenman
- Site Admin
- Posts: 6105
- Joined: 27 Dec 2010, 03:50
- Distribution: Porteus v4 all desktops
- Location: Brazil
Re: A strange request
Wouldn't it just be easier to use sudo for its intended purpose? You can limit it to certain binaries. This way you only edit one file as opposed to all of your scripts.
Code: Select all
guest ALL=(ALL) NOPASSWD: /opt/porteus-scripts/activate
How do i become super user?
Wear your underpants on the outside and put on a cape.
Wear your underpants on the outside and put on a cape.
-
- Full of knowledge
- Posts: 2069
- Joined: 17 Jun 2013, 13:17
- Distribution: Porteus 3.2.2 XFCE 32bit
- Location: Germany
Re: A strange request
@ Ed
With or without ./..makes no difference.
@ brokenman
It depends..
Yes, if one has only one installation and save changes.
May be, if one has a couple of installations.
No, if one is mostly working in always fresh mode.
(without a changes module, of course)
With or without ./..makes no difference.
@ brokenman
It depends..
Yes, if one has only one installation and save changes.
May be, if one has a couple of installations.
No, if one is mostly working in always fresh mode.
(without a changes module, of course)
- Ed_P
- Contributor
- Posts: 8368
- Joined: 06 Feb 2013, 22:12
- Distribution: Cinnamon 5.01 ISO
- Location: Western NY, USA
Re: A strange request
Yeah, I booted today and had to reply the password to both the activate and deactivate. Changed back to your sudo -S code and it works. At least so far today, tomorrow who knows.donald wrote:@ Ed
With or without ./..makes no difference.
Code: Select all
echo toor | sudo -S activate $OPTIONAL/chrome.xzm > /dev/null 2>&1 &
brokenman wrote:Wouldn't it just be easier to use sudo for its intended purpose?
If we were as half (1/4 actually) as smart as you it would be, but obviously we aren't.
Thank you brokenman. Yes, a better solution.You can limit it to certain binaries. This way you only edit one file as opposed to all of your scripts.
Code: Select all
guest ALL=(ALL) NOPASSWD: /opt/porteus-scripts/activate
And yes Don I do save changes. And I try to document them for repeating on different systems and for when upgrading systems. And I back them up as xzm modules so I can use them in a read only boot mode.
Thanks guys for all your help.
Ed