Automation of su password through shell script

aniljindal1983

i just want to do chmod on a file my_file but for that we must be su root. and finally that script will run through crontab
=========================
#!/bin/ksh
PASSWORD="pass123"
echo $PASSWORD>su root
chmod 777 my_file
=========================
I want to login as supervisor and then want to change the rights of the file before moving. but all has to be done through shell script which will be called through cron only

PLEASE HELP

numberwhun

Quote:

Originally Posted by aniljindal1983

i just want to do chmod on a file my_file but for that we must be su root. and finally that script will run through crontab
=========================
#!/bin/ksh
PASSWORD="pass123"
echo $PASSWORD>su root
chmod 777 my_file
=========================
I want to login as supervisor and then want to change the rights of the file before moving. but all has to be done through shell script which will be called through cron only

PLEASE HELP

You do understand how incredibly insecure this is, right? That said, you should not even attempt to do this, especially considering you are hard coding the root password in a script.

If I were your system administrator, I would sit down and have a chat with you about security and the root account, not leaving out why you should understand security before ever again giving you the root password.

Sorry for the rant, but that is the sys admin in me coming out. You really need to understand the severity of what you are trying to do and its consequences.

Regards,

Jeff

ashitpro

You can use 'expect' command for this purpose.
To start with the 'expect' follow the link.
http://www.unix.com/shell-programming-scripting/28194-using-expect-script-shell-script.html

micmast

or use the sudo command

in the sudo file just add the aliases a user can execute without a problem, for example the chmod

then the user only need to do

sudo chmod ....

no password required

sicarie

Quote:

Originally Posted by aniljindal1983

I want to login as supervisor and then want to change the rights of the file before moving. but all has to be done through shell script which will be called through cron only

I could be wrong, but I believe that if you set the cron as root, you will not need a password for this - it will be executed with root permissions.

(sudo crontab -e)

You could also have a look at another idea for creating secure scripts.

prn

I have to go with sicarie's answer: if it needs root privs and it's going to be executed through cron, then put it root's crontab, not your own.

And please pay attention to Jeff's comment. Don't ever hard-code root's password in a plain-text script. That's just asking for trouble.

Besides, we kind of like Jeff around here. We don't want him to have a heart attack. :)

Paul

err97002

Unbelievable how you all have decided to answer a question by simply condoning the guy for asking the question. How do you know he isn't doing this on a home computer where your concerns don't apply? Please don't respond with "...it's always good protocol to be secure and not hard code passwords, blah blah blah..."

It would be great to come to a forum and actually read a response as opposed to a soapbox about possible irrelevant security concerns.

Jeff - perhaps the sysadmin in you could answer the question as opposed to addressing the topic of security?

Nepomuk

Dear err97002,
I understand that you may think this behaviour is not what it should be, but they are fully following both the posting guidelines ("Do not hesitate to point out better methods or technologies (if available) than the ones being used by the OP.") and common sense.

See, if someone asked you, how to use a hammer and the reason would be, because he was planning to kill someone with it, the problem would not really about using a hammer, would it? In this case, the solution the OP was planning to use bared risks, that he probably didn't fully understand. And even if it's a single user computer, there are certain risks with saving passwords in readable format.

Quote:

Originally Posted by err97002

It would be great to come to a forum and actually read a response as opposed to a soapbox about possible irrelevant security concerns.

They may be irrelevant to you, but as a matter of fact, the answer will not only interest the OP but also other people who happen to find this thread and who may not be the only user on their computer.

Quote:

Originally Posted by err97002

Jeff - perhaps the sysadmin in you could answer the question as opposed to addressing the topic of security?

Well, although Jeff didn't answer the question, ashitpro, micmast and sicarie did. So, if you want to add something helpful, then please do. Otherwise, please accept that the direct route is not always the best route.

Greetings,
Nepomuk (Moderator)

Automation of su password through shell script

re: Automation of su password through shell script

re: Automation of su password through shell script

re: Automation of su password through shell script

re: Automation of su password through shell script

re: Automation of su password through shell script

re: Automation of su password through shell script

re: Automation of su password through shell script

Similar Unix / Linux / BSD bytes

/bytes/development

/bytes/it

/bytes/about