Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister
 
PerlMonks  

su to root in a perlscript

by NaSe77 (Monk)
on Aug 01, 2002 at 12:25 UTC ( [id://186751]=perlquestion: print w/replies, xml ) Need Help??

NaSe77 has asked for the wisdom of the Perl Monks concerning the following question:

i have a little problem or no its rather a wandering is there a way to do something like this in perl:

  • i am a normal user
  • su to root
  • do the stuff i need to be root to
  • switch back

    it clear that something like

    my $rootID = getpwnam("root"); $< = $rootID; $> = $<;
    wont work ... so if anyone knows a way to do so ....

    ----
    NaSe
    :x

  • Replies are listed 'Best First'.
    Re: su to root in a perlscript
    by atcroft (Abbot) on Aug 01, 2002 at 13:15 UTC

      virtualsue kicked around a problem that sounds a lot like this earlier this year in Running Perl program w/root privs via cron, which might contain some info useful to you as well.

      Although it may not be quite what you're needing, in addition to the comments so far regarding the use of sudo, depending on the operations and environment there may also be the possibility you could use ssh public/private key pairs lacking passwords to do specific operations. Doing so would also have the advantage of not requiring your root password to reside in the scripts.

      Hope all the comments help, and maybe let us know which solution worked out best for you and why, maybe.

        the the instance i think i go for something like this (its not too pretty but works):
        sub rootMeAndDoStuff(){ my $rootID = getpwnam("root"); if (not ($rootID eq $<)){ print "U have to be root to do the following ...\n"; system "su -c $PartToDoAsRoot"; } }
        but i am not very content with it since this wont work under win32. and sooner or later it has to.

        update: there is in fact a way to do exactly the same under win32:

        sub adminMe(){ my $adminID = 0; if (not ($adminID eq $<)){ print "U have to be an Administator to do this ...\n"; print "Give me a name of a local Administator:\n"; my $admin = <STDIN>; chomp $admin; my $hostname = hostname; system "runas /user:$hostname\\$admin \"cmd /K perl $whatToDoAsAdmin\""; } }

        ----
        NaSe
        :x

          The Unix approach would be to just die if you are not root (if you are sure you need to be root!) and let the user call su or sudo himself (or the script that is calling your perlscript). You might like su, others don't. (If you are not sure, just go ahead and let the program die when it encounters missing privileges.)

          Windows has a very different concept of users, so of course you won't be able to find a single solution that works for Windows and Unix. For Win95/Win98, you can do whatever you want without changing user. For WinNT/Win2K/WinXP, things are more complicated. I don't think there's a solution for WinNT. For Win2K and WinXP, programs can be executed under different privileges. I don't know how accessible the interface is. It *might* be possible, check CPAN (I didn't see anything, but I just shot a quick glance). But it is definitely more effort than just changing a variable.

          Again, the most straightforward solution is to let the user log in as supervisor, then execute the script.

          UpdateTake a look at Re: Running Perl program w/root privs via cron. It could help you to not have to enter a password for Unix (using sudo).

    Re: su to root in a perlscript
    by Abigail-II (Bishop) on Aug 01, 2002 at 12:48 UTC
      su isn't a fruitful road to go. su just starts a new shell, and shells are for interactive work.

      I suggest you install sudo, it's designed for this kinds of tasks.

      Abigail

        You can find it at SUDO
    Re: su to root in a perlscript
    by crenz (Priest) on Aug 01, 2002 at 12:59 UTC

      You won't be able to change your UID (see also POSIX) unless your script has root privileges to begin with (unless you do weird stuff like promping for the root password etc. etc.). Modifying $< and $> is only useful if you are root and need to be another user to perform certain functions.

      Why not use sudo (or su, if you can't use sudo) to call the script?

          sudo myscript.pl

      This is the standard way to perform root functions. For example, if you install new perl modules, you will naturally do

      perl Makefile.PL make make test sudo make install

      instead of relying on make to make itself root to install the files. This way, you give control to the user -- the way it should be.

    Log In?
    Username:
    Password:

    What's my password?
    Create A New User
    Domain Nodelet?
    Node Status?
    node history
    Node Type: perlquestion [id://186751]
    Approved by rattusillegitimus
    help
    Chatterbox?
    and the web crawler heard nothing...

    How do I use this?Last hourOther CB clients
    Other Users?
    Others cooling their heels in the Monastery: (3)
    As of 2024-03-29 06:10 GMT
    Sections?
    Information?
    Find Nodes?
    Leftovers?
      Voting Booth?

      No recent polls found