Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Hi wise ones,

I am trying to figure out how to use 'sudo su -' with a Net::OpenSSH. I've read the various documentation, but I am still stumped. What I want to do is log onto a box, sudo su - to a particular user, and then dump the crontab contents for that user.

Here is what I have so far -- basically, it sudos alright, but hangs before executing the crontab -l. I have to ctrl-c to get out of the script. When I ssh into the box, and sudo su - to the user manually, it works fine.

Any tips would be much appreciated. Thanks! 

use strict;
use warnings;
use Data::Dumper;

use Net::OpenSSH;

my $user = 'user';  #this is just for testing -- final script will ask
+ for user's input.

my $password = 'password'; #this is just for testing -- see above

my $host = 'whater.host.to.check';

my $ssh = Net::OpenSSH->new($host, user => $user, password => $passwor
+d, strict_mode => 0); 


my $test = $ssh->system('sudo su - user && crontab -l');  #once script
+ sudos, script hangs until I ctrl-c. 



print Dumper $test;

print Dumper $ssh;

[download]

Replies are listed 'Best First'.
Re: Net::OpenSSH with sudo su -
by GrandFather (Saint) on Mar 05, 2011 at 20:15 UTC

    Is sudo asking for a password perhaps?

    True laziness is hard work
[reply]
      Okay, it is still super rough, and I haven't put in any error trapping, but I got the following to work: 

      #!/usr/bin/perl

use strict;
use warnings;
use Net::OpenSSH;

print "Enter user name: ";

my $user = <STDIN>;
chomp $user;

print "Enter password: ";
my $password = <STDIN>;

chomp $password;

print "Enter domain :";

my $domain = <STDIN>;

chomp $domain;

my @hosts = `host -l $domain |cut -d " " -f 1`;


foreach my $host (@hosts) {
    chomp $host;

    print "Accessing $host... \n";
    
    my $ssh = Net::OpenSSH->new($host, user => $user, password => $pas
+sword, strict_mode => 0, timeout => 1,   master_opts => [-o => "Stric
+tHostKeyChecking=no"]);


    $ssh->error and warn "ssh failed on $host : " . $ssh->error;
    
    my $test = $ssh->system('sudo crontab -u foouser -l'); 
    
}

      [download]
      Any ideas to make it more elegant/efficient, etc. would be much appreciated. I am *very* rusty with Perl these days...

      Code tags added by GrandFather

[reply]
[d/l]
Re: Net::OpenSSH with sudo su -
by chrestomanci (Priest) on Mar 05, 2011 at 20:21 UTC

    Have you tried running these commands by hand? If not then that is the first thing I would try.

    Do you know if sudo is working correctly? is the user account that you are logging in as listed in the sudoers file? (Or the equivalent sudoers.d/ directory on some systems

    Is your user authorised to run su? The sysadmin of the remote box could have locked down sudo so that only certain known safe commands can be run. (Hardy anyone actually does this, because there are so many commands that can be abused in the wrong hands, so most sysadmins assume that anyone in the sudoers file can get root if they want it, and make sure that only trusted users are added to the file.)

    Are you aware that root can read the crontab of any user, so you could also read a user's crontab with the command: sudo crontab -u <username> -l

[reply]
[d/l]
      Hi, Yes, my user is authorised to run su. Sudo is working correctly, this is something I do manually several times a day. And no, sudo - user doesn't require a password for me. I'll try your alternate root crontab suggestion, and see if that works...
[reply]

Back to Seekers of Perl Wisdom