hansonr has asked for the wisdom of the Perl Monks concerning the following question:

Hello, My first time thread I hope I followed the correct instructions for posting! I have a perl script that adds new users to our Unix box. I am trying, from inside the perl script, to su - database and then connect to another perl script there to complete the authorization of the new user onto the database. I know this will be received with many frowns but right now I am experimenting with the idea. Can this be done?

Replies are listed 'Best First'.
Re: sourcing out my script
by Zaxo (Archbishop) on Mar 10, 2005 at 15:40 UTC

    Sure it can be done, but how depends on which database you're setting them up for, and what user is to run this. Have you tried anything yet?

    For a first cut, look at how you do this by hand and try to reproduce those steps.

    After Compline,
    Zaxo

[reply]
      I have done exactly as you have mentioned, by hand. So, in my perl script I get the new user added just fine, and the password complete. Now, I need to su - dba which, within the perl script I can do but once I am in as dba, I do an ls or pwd and nothing comes back, no commands execute.
[reply]
Re: sourcing out my script
by dragonchild (Archbishop) on Mar 10, 2005 at 15:43 UTC
    To go one step further, is there a reason you're using Perl instead of bash or csh for this? Those seem like they'd be better suited to the type of task you're describing. Perl is great, but Unix isn't just a bootstraping environment for Perl.

    Being right, does not endow the right to be rude; politeness costs nothing.
    Being unknowing, is not the same as being stupid.
    Expressing a contrary opinion, whether to the individual or the group, is more often a sign of deeper thought than of cantankerous belligerence.
    Do not mistake your goals as the only goals; your opinion as the only opinion; your confidence as correctness. Saying you know better is not the same as explaining you know better.

[reply]
      As mentioned, this is an experiment and the usage of what I want to do will evolve into other things. I was just wonder how I can do it?
[reply]
Re: sourcing out my script
by 5mi11er (Deacon) on Mar 10, 2005 at 16:43 UTC
    Perhaps one answer to your needs would be the use of `sudo <script>`?

    Never tried changing effective user in the middle of a running script, so I'm not sure what behavior I would expect when trying that. Come to think of it what mechanism are you using to do the su? If you're doing a system call, the su will only be valid during that single system call, the shell running the perl script isn't going to be changed...

    -Scott

[reply]
Re: sourcing out my script
by thor (Priest) on Mar 10, 2005 at 17:36 UTC
    The thing is that each command that you execute via system or backticks (`) is executed within it's own shell. So, when you execute your su - dba, it will execute that and start up a shell under the dba account (assuming that it's not prompting for a password). Once this happens, the shell will recognize that it's being called non-interactively and exit immediately. You might want to take a look at sudo. sudo allows you to specify the commands to run in the invocation (i.e. sudo -u dba your_command_here). There's a little more setup on the front end, but a lot better security on the back end.

    thor

    Feel the white light, the light within
    Be your own disciple, fan the sparks of will
    For all of us waiting, your kingdom will come

[reply]

Back to Seekers of Perl Wisdom