simple automated login

Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Hello, After half a day of searches here and on google, I still have not found any login script such that I can do this on Unix: $success_or_failure = login($user, $password); I am writing an application that I want to have the low-tech user install. If root privileges are needed, I pop up a tk message telling him so, and requesting the root password. I want to take that password and just "login("root", $password)". Windows is no problem because there are built in Windows commands that effect what I need. It is Linux that seems to be lacking. I have read the code of Unix::Login. It only checks that the user has the valid password for the name passed in, and then runs commands with the permissions of the original running script! It FAKES the login. Besides, it creates a prompt box, and I wish to avoid that, too. Hence the need for a "behind the scenes" login routine. Anyone have any ideas on how to approach this? Thanks

Comment on simple automated login

Replies are listed 'Best First'.
Re: simple automated login by jdalbec (Deacon) on Aug 31, 2004 at 02:07 UTC
In Unix the only way to get root privileges is by executing a setuid root program. You could make your script setuid and use suidperl, or you could run a separate setuid program such as "su". If your script is setuid, then you don't have to request a root password since you can regain root privileges after dropping them just by re-exec'ing your script. It's generally a good idea to drop root privileges any time you don't need them by `$)=$(; $>=$<;`. If you're using "su" you'll need to use Expect or Expect::Simple to feed the password to the "su" command.	[reply] [d/l]
Re^2: simple automated login by Fletch (Bishop) on Aug 31, 2004 at 02:39 UTC
Much better to use `sudo` with an appropriate `sudoers` configuration which lets you run the command (or limited set of commands, or a wrapper around that limited set of commands) without having to bother with any passwords.	[reply]
Re^2: simple automated login by Anonymous Monk on Sep 01, 2004 at 15:36 UTC
Your suggestion of sending su to Expect led me to recipe 15.13 of Perl Cookbook, "Controlling Another Program with Expect". It works. Thanks. The problem this solves is that an application program needs to install itself, and needs root priviledges to create the /usr/share and other directories. Hence the need to have code that will log in as root. Thanks again.	[reply]
Re: simple automated login by VSarkiss (Monsignor) on Aug 31, 2004 at 02:41 UTC
The "canonical" way to do this on Unix-y systems is with the `sudo` command. It's far more secure because you can specify which users can execute which commands, and also demands the user's own password -- thus there's no need to hand out the root password. You don't specify which flavor of Unix you're using, but take a look at your docs and see if `sudo` is included. If it is, you can use either system or exec or some othe way to access it, depending on what you're doing.	[reply] [d/l] [select]