Develop Reference

Execute sudo command non-interactively

I would like to execute the following command without interaction:
sudo grep -e "test" /etc/sudoers
I have tried the following method:
tester#compute:~$ echo 'clouduser' | sudo -S grep -e "test" /etc/sudoers
[sudo] password for tester: test ALL=(ALL) NOPASSWD: ALL
The problem is that I am getting the [sudo] password for tester: in front of the response.
How I can cut that part from the front of the answer?
Thanks!

I will answer to my question - maybe someone else will need it:
(echo 'clouduser' | sudo -Si >/dev/null 2>&1); sudo grep -e test /etc/sudoers

Add the following line to your /etc/sudoers file in order to turn on password-less sudo. In this case, I use john as the login account. Change to your own account id.
john ALL=(ALL:ALL) ALL
Alternatively, and perhaps better is to put that line into a file called /etc/sudoers.d/john.

rootless-docker through jenkins pipeline

I am running docker as rootless using the Jenkins pipeline. I have written a pipeline for the same.
But when pipeline executes
export DOCKER_HOST=unix:///run/user/${USERID}/docker.sock
this command it is not working through Jenkins.
I have tried with export this to file and execute but still not working.
when I run env command it is not shown there.
Jenkins Pipeline code
dir("/home/operateadmin/workspace"){
def USERID = '''$( id |grep uid | awk -F '[ ]' '{print $1}' | awk -F '[(]' '{print $1}'| awk -F '[=]' '{print $2}')'''
sh '''#!/bin/bash
source /etc/environment
sudo apt-get install -y uidmap
export DOCKER_HOST=unix:///run/user/$USERID/docker.sock
curl -fsSL https://get.docker.com/rootless | sh
systemctl --user status docker
systemctl --user start docker
'''
}
}
I need to execute
export DOCKER_HOST=unix:///run/user/$USERID/docker.sock
this command using jenkins.

I did not understand the question. But I see you are still messing around with rootless-docker. Good luck.
... by the way, what's wrong with podman?

Cron with command requiring sudo

what would be my options to make a script from command where I need to put my sudo password in?
Im exporting a fsimage and would like to do it on regular basis. It could be run from my accout but ideally, I would like to create a user dedicated to make these exports.
I would like to stay away from using root cron and use a more secure way of doing this
Entire command looks like this:
sudo ssh czmorchr 'hdfs oiv -p Delimited -i $(ls -t /dfs/nn/current/fsimage_* | grep -v md5 |
head -1) -o /dev/stdout 2>/dev/null' | grep -v "/.Trash/" |sed -e 's/\r/\\r/g' | awk 'BEGIN
{ FS="\t"; OFS="\t" } $0 ! ~ /_impala_insert_staging/ && ($0 ~ /^\/user\/hive\/warehouse\/cz_prd/ ||
$0 ~ /^\/user\/hive\/warehouse\/cz_tst/) { split($1,a,"/"); db=a[5]; table=a[6]; gsub(".db$", "", table); }
db && $10 ~ /^d/ {par=""; for(i=7;i<=length(a);i++) pa r=par"/"a[i] } db && $10 !~ /^d/
{ par=""; for(i=7;i<=length(a) - 1;i++) par=par"/"a[i]; file=a[length(a)] } NR > 1 { print db,table, par, file, $0 }' |
hadoop fs -put -f - /user/hive/warehouse/cz_prd_mon_ma.db/hive_warehouse_files/fsim age.tsv

To do something as sudo without entering password, there is an unsafe way, like
echo ubuntu | sudo -S ls
here im granting an ls command with ubuntu user and ubuntu password.
As you can see, piping password to sudo -S works.
Additionaly you need to make user sudoer
here is an example https://askubuntu.com/questions/7477/how-can-i-add-a-new-user-as-sudoer-using-the-command-line.

I was able to resolve this issue using setfacl command. (Context:) I setup another folder in HDFS where standby node should dump its fsimages. Then I used this command and after that, I was able to run the script above without sudo and in a crontab.
setfacl -m u:hdfs:rwx /home/user_name/fsimage-dump/namenode

Update root crontab remotely for many systems by script

I am trying to update the crontab file of 1000+ systems using a for loop from jump host.
The below doesn't work.
echo -e 'pass365\!\n' | sudo -S echo 'hello' >> /var/spool/cron/root
-bash: /var/spool/cron/root: Permission denied
I do have (ALL) ALL in the sudoers file.

This is another solution;
echo 'pass365\!' | sudo -S bash -c 'echo "hello">> /var/spool/cron/root'

The below worked for me.
echo 'pass365\!' | sudo -S echo 'hello' | sudo -S tee -a /var/spool/cron/root > /dev/null

Problem 1: You are trying to send the password via echo to sudo.
Problem 2: You can't use shell redirection in a sudo command like that.
Between the two of these, consider setting up ssh public key authorization and doing
ssh root#host "echo 'hello' \>\> /var/spool/cron/root"
You may eventually get sudo working but it will be so much more pain than this.

SSH to server, Sudo su - then run commands in bash [duplicate]

This question already has answers here:
Pass commands as input to another command (su, ssh, sh, etc)
(3 answers)
Closed 6 years ago.
I have the following
#!/bin/bash
USER='scott'
PASS='tiger'
ssh -t $USER#server006.web.com "sudo su - http"
This Works, but I was trying to get it to run a script afterwards, and if I do, using -c or <
The script does a grep like this:
grep -i "Exception:" /opt/local/server/logs/exceptions.log | grep -e "|*-*-*:*:*,*|" | tail -1 | awk -F'|' '{print $2}' >> log.log
This also works fine on it's own, but I need to be http to do it.
I cannot SCP the output of the script back to server001 either, so I'm stuck here,
Any ideas would be relay appreciated.
Ben

Try
ssh -t $USER#server006.web.com 'sudo -u http grep -i "Exception:" /opt/local/server/logs/exceptions.log | grep -e "|*-*-*:*:*,*|" | tail -1 | awk -F"|" "{print $2}" >> log.log'
Sudo already runs the command as a different user to there's no need to su again.
Only reason to do sudo su is to have a fast way to start a new shell with another user.

You probably want sudo -u instead of sudo su -:
ssh -t $USER#server006.web.com sudo -u http script

Guess I'm late to the party.
My solution:
ssh -t $USER#server006.web.com "sudo cat /etc/shadow"
and replace cat /etc/shadow with your desired program.