how to confirm non-root user is a qualified sudo user in a (perl)script?
Ken Wolcott
ken.wolcott at med.ge.com
Thu Mar 18 10:51:41 EST 2004
Hi Aaron;
Thank you very much for your reply.
Did you try your proposed solution? Did you try it for both
"authorized" sudo users and unauthorized users?
I guess I wasn't clear about what the problem is. The script I'm
writing needs to be non-interactive. If an unauthorized user of sudo
attempts to run sudo, the password prompt appears at the tty layer now
making the the script an interactive one. What I wanted to do was to
call sudo in such a way as it would either succeed or fail (error code
return handling), not ask for a password. Since it asks for a password,
it looks like I'll have to use the expect package in CPAN (it is a perl
script that I'm writing). I wanted to avoid using expect (even inside
perl), but it looks like I have no choice.
Ken
On Thu, 2004-03-18 at 06:11, Aaron Spangler wrote:
> How about something like this?
>
> #!/bin/sh
> tmpfile=/tmp/sudo_test$$
>
> sudo touch $tmpfile
> if [ -f $tmpfile ];then
> echo "Your sudo privs work fine"
> else
> echo "Sorry. Unable to use sudo"
> exit 2
> fi
> rm -f $tmpfile
>
> sudo realcommand1
> sudo realcommand2
> sudo realcommand3
> sudo realcommand4
>
> -Aaron
>
>
> ----- Original Message -----
> From: "Ken Wolcott" <ken.wolcott at med.ge.com>
> To: "sudo mailing list" <sudo-users at sudo.ws>
> Sent: Wednesday, March 17, 2004 2:15 PM
> Subject: how to confirm non-root user is a qualified sudo user in a
> (perl)script?
>
>
> > Hi;
> >
> > I am writing a perl script that needs to be run as a non-root user
> > but uses sudo extensively. How do I verify in the
> > script (non-interactively) that the user running the script has
> > sudo privileges? It looks like I need to use expect (*sigh*) to
> > get underneath the tty layer. Right now it looks like I don't have
> > any choice but to assume that the user already has sudo
> > privileges. I have looked at the sudo man pages and in the mailing list
> > archives but I did not find anything I thought was pertinent to the
> > issue I am facing. The sudo privileges must be absolute like the
> > following in the sudoers file:
> >
> > username ALL = NOPASSWD: ALL
> >
> > Any hints?
> >
> > Thanks,
> > Ken
More information about the sudo-users
mailing list