tsk1979 has asked for the wisdom of the Perl Monks concerning the following question:

Suppose I have a perl script, say "run.pl" User does ./run.pl The script then asks the user a username and a password. After the user supplies the same the script should perform all operations, lets say file open close, system commands etc., under the $username given. Any tips?

Replies are listed 'Best First'.
Re: Changing user in perl script
by tirwhan (Abbot) on Mar 24, 2006 at 11:07 UTC

    Use sudo. It's the perfect tool for exactly this requirement and reimplementing it yourself is hard to do correctly and would likely lead to gaping security holes.


    All dogma is stupid.
[reply]
[d/l]
Re: Changing user in perl script
by johngg (Canon) on Mar 24, 2006 at 11:48 UTC
    I agree with tirwhan that sudo is the tool for the job. If you must do user authentication in a script use Term::ReadKey to stop the password being echoed to the screen.

    use Term::ReadKey;
...
print "Password? ";
ReadMode 'noecho';
$password = ReadLine 0;
ReadMode 'normal';
...

    [download]

    Cheers,

    JohnGG

[reply]
[d/l]
Re: Changing user in perl script
by wazoox (Prior) on Mar 24, 2006 at 12:14 UTC
    Better use su, su is more common (sudo is absent on many Unixen), and su runs using the target user password (sudo uses the source user password by default, so you'll have to tweak the /etc/sudoers file to get what you want).
[reply]
Re: Changing user in perl script
by moof1138 (Curate) on Mar 24, 2006 at 22:56 UTC
    I am assuming you are on some kind of UNIX here, I am not sure how Windows handles this side of things.

    Agreeing with others, if you can use sudo, this is what I would recommend.

    If the script is running as root you can change your UID and or EUID. There are special variables $< and $> that hold them. This is dangerous, so you need to give a lot of thought to security, but I have run into an odd case where I have found this useful.
[reply]
      Beginning with Windows 2000 Microsoft started including an su like comamnd called RunAs.exe.
[reply]
Re: Changing user in perl script
by jcc (Sexton) on Mar 30, 2006 at 20:51 UTC
    I may be missing something here... but with both sudo and su you're going to have to deal with prompts unless the initial script is run as a superuser. How about: 
    #!/usr/bin/perl
$|++;
print "enter someuser password at the prompt below:$/";
$i=`su someuser -c "whoami"`;
print $i;

    [download]
[reply]
[d/l]
Re: Changing user in perl script
by tweetiepooh (Hermit) on Mar 24, 2006 at 11:37 UTC
    Telnet back into localhost with given details, feed in commands and read the output.
[reply]
      You forgot the smiley. You aren't serious, are you ?
[reply]
        Can't see the problem. Please enlighten.

        If you use Net::Telnet to localhost, login in as the new user, you can run commands via the telnet session and still process data as the real user.

        One reason to do this is if sudo is missing and you are not allowed to install.

        We have a network of machines and I maintain a central perl system on a NFS mount. The boxes on the network don't have sudo installed and to install would be frowned upon but they can run the central perl. I suppose I could sneak sudo onto the central perl directory structure.

        Anyhow localhost doesn't expose to network and would provide a solution if sudo is unavailable.

[reply]
        A reply falls below the community's threshold of quality. You may see it by logging in.

Back to Seekers of Perl Wisdom