tim.culhane has asked for the wisdom of the Perl Monks concerning the following question:

Hi, I'm trying to use Net::OpenSSH to su to another user account, issue a command and capture the output of that command in my Perl script. I need to use sudo for the su command in order to get permission to switch users. The code I have right now is:

#!/usr/bin/perl
use Net::OpenSSH;

my $host = "enfcdb01";
my $user = "loguser";
my $password = "cIhyv46iPL8092t";

##-- set up a new connection
my $ssh = Net::OpenSSH->new($host, user => "loguser");
$ssh->error and die "Couldn't establish SSH connection: ". $ssh->error;

my @ls = $ssh->capture("ls");
$ssh->error and die "remote ls command failed: " . $ssh->error;
print @ls;

my @out = $ssh->capture({tty => 1, stdin_data => "$password\n"}, 'sudo', '-Sk', '-p', '', '--', 'su - imail; ls');
print "the value of out is \n";
print "$out[0]";

and the output I get is:

loguser@enflog01 check_apps$ ./check_mx_app.pl
id_rsa.pub
muxserver_accept_control: tcgetattr: Invalid argument
tcgetattr: Invalid argument
the value of out is

Anybody know what is wrong with my capture call? Thanks, Tim

Re: Problem using Net::OpenSSH->capture to su to another user
by salva (Canon) on May 30, 2014 at 06:37 UTC
    su doesn't change the UID of the current shell but creates a new one.

    Try as follows:

    my @out = $ssh->capture({ stdin_data => "$password\n" }, 'sudo', '-Sk', '-p', '', '--', 'su -c "ls" imail');

      Hi Salva,

      Thanks for your response.

      Unfortunately when I try your code I get:

      sudo: sorry, you must have a tty to run sudo

      When I add:

      tty => 1,

      I get my original error back again:

      muxserver_accept_control: tcgetattr: Invalid argument
      tcgetattr: Invalid argument

      If I ssh to the remote server and manually issue some 'sudo su' commands I get output like the below:

      loguser@enfcdb01 ~$ sudo su imail

      We trust you have received the usual lecture from the local System
      Administrator. It usually boils down to these three things:

          #1) Respect the privacy of others.
          #2) Think before you type.
          #3) With great power comes great responsibility.

      sudo password for loguser:
      imail@enfcdb01 loguser$

      So this works and I'm now able to operate as the imail user.

      Using the '-c' option to su I get:

      loguser@enfcdb01 ~$ sudo su -c "ls" imail
      ls: cannot open directory .: Permission denied

      Trying the same using the 'pwd' command:

      loguser@enfcdb01 ~$ sudo su -c "pwd" imail
      /home/loguser

      This seems to just report the current working directory of the loguser user, i.e. it has not changed to the imail home directory (which is perhaps expected with the '-c' option to su?)

      Any additional ideas on how I can get this to work?

      Thanks,

      Tim

        Any additional ideas on how I can get this to work?

        You could try using in conjunction with Expect;

        #!/usr/bin/perl
        use strict;
        use warnings;
        use Net::OpenSSH;
        use Expect;

        select STDOUT; $| = 1;
        select STDERR; $| = 1;

        my $timeout = 5;
        my $password = '';
        my $user = '';
        my $host = '';

        my $ssh = Net::OpenSSH->new(host=>$host, user=>$user, password=>$password);

        my ($pty, $pid) = $ssh->open2pty("sudo -k; sudo su - imail -c ls")
            or die "open2pty failed: " . $ssh->error . "\n";

        my $expect = Expect->init($pty);
        $expect->raw_pty(1);
        $expect->expect($timeout, ':') or die "expect failed\n";
        $expect->send("$password\n");
        $expect->expect($timeout, "\n") or die "bad password\n";

        while(<$pty>) { print "$. $_" }

        poj
        sudo: sorry, you must have a tty to run sudo

        You are using an old version of sudo. Update it if you can.

        I get my original error back again:
        muxserver_accept_control: tcgetattr: Invalid argument
        tcgetattr: Invalid argument

        This error is harmless, you can safely ignore it. Also, you can silence it by adding the following option to the constructor call: master_stderr_discard => 1

        sudo su -c "pwd" imail
        /home/loguser
        This seems to just report the current working directory of the loguser user

        Add the flag -l to the su command: sudo su -lc "pwd" imail
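
The replies above combined into one script (silencing the master's stderr, passing `-l` to su, and allocating a tty only because the old sudo demands one), as an added example that is not code from any post in the thread. `SUDO_PASSWORD` is a hypothetical environment variable, and the scrub step assumes the remote tty may echo the password into the captured output.

```perl
#!/usr/bin/perl
# Added example, not code from the thread. Host and account names are the
# ones used in the posts; SUDO_PASSWORD is a hypothetical environment variable.
use strict;
use warnings;
use Net::OpenSSH;

my $host   = 'enfcdb01';
my $user   = 'loguser';
my $target = 'imail';

# Take the sudo password from the environment instead of the source file.
my $password = $ENV{SUDO_PASSWORD};
defined $password && length $password
    or die "SUDO_PASSWORD is not set\n";

# master_stderr_discard silences the harmless tcgetattr messages.
my $ssh = Net::OpenSSH->new($host, user => $user, master_stderr_discard => 1);
$ssh->error and die "Couldn't establish SSH connection: " . $ssh->error . "\n";

# Net::OpenSSH shell-quotes each list element separately, so the command
# string for su -c reaches the remote side as a single argument.
# -l gives a login shell, so pwd reports the imail home directory.
my @cmd = ('sudo', '-Sk', '-p', '', '--', 'su', '-lc', 'pwd; ls', $target);

# tty => 1 is needed only where sudo insists on a terminal.
my $out = $ssh->capture({ tty => 1, stdin_data => "$password\n" }, @cmd);
$ssh->error and die "remote sudo/su command failed: " . $ssh->error . "\n";

# With a remote tty, lines end in CRLF and the terminal may echo stdin back,
# so normalize line endings and remove the password before printing or logging.
$out =~ s/\r\n/\n/g;
$out =~ s/\Q$password\E\n?//g;

print "output as $target:\n$out";
```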