I am trying to create directory with sudo user permission over SSH.
Here is the command i formed
some_command "ssh -t userA#host bash -c \"\'sudo -u userB bash -c \" mkdir -p /home/userB/dir_to_create \" \'\" "
here some_command is part of expect script.
I am getting this error :-
[sudo] password for userB:
mkdir: missing operand
Try `mkdir --help' for more information.
Connection to host closed.
If i run
sudo -u userB bash -c "mkdir /home/userB/dir_to_create"
it works.
ssh -t user#host "bash -c \"sudo -u otherUser bash -c 'mkdir -p /home/userB/dir_to_create'\""
should work
Based on comment from Mark Plotnick , i figured out the answer .
Here is the solution to it
spawn bash -c "ssh -t userA#host \"sudo -u userB bash -c 'mkdir -p /home/userB/perf_tools' \" "
Trick is that , single quote and double quote placements make all the magic happen in this script.
Related
The following bash command works to drop down to user privileges, and preserve an environment for the most part:
root#machine:/root# DOLPHIN=1 sudo -E -u someuser bash -c 'echo $DOLPHIN'
1
However, this does not work for all variables, such as PATH, and LD_LIBRARY_PATH:
root#machine:/root# echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
root#machine:/root# sudo -E -u someuser bash -c 'echo $PATH'
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
Notice the PATH is different ^
Why is this happening?
Must be some bash mechanics I don't understand...
Looks like this is a workable option:
root#machine:/root# sudo PATH=$PATH LD_LIBRARY_PATH=$LD_LIBRARY_PATH -E -u someuser bash -c 'echo $PATH'
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
I have this justfile:
remote:
#!/usr/bin/env bash
read -p 'Password:' -s password
ssh -tt somewhere 'bash -l -s' << 'ENDSSH'
whoami
echo "$password" | sudo su someone 'bash -l -s' << 'ENDSUDO'
whoami
ENDSUDO
ENDSSH
It should:
Ask me for a password
SSH into somewhere
sudo to change the user
execute some scripts
What it does:
It asks for a password a second time.
It stucks on input (no error message).
How to solve this problem?
Update
As suggested by #xhienne, this does almost work, but it says, I use the wrong password:
remote:
#!/usr/bin/env bash
read -p 'Password:' -s password
ssh -tt somewhere 'bash -l -s' << 'ENDSSH'
sudo -S -i -u someone << ENDSUDO
$password
whoami
ENDSUDO
exit
ENDSSH
But this does work:
remote:
#!/usr/bin/env bash
read -p 'Password:' -s password
ssh -tt somewhere 'bash -l -s' << 'ENDSSH'
sudo -S -i -u someone << ENDSUDO
clear-text-password
whoami
ENDSUDO
exit
ENDSSH
Update 2
The answer of #xhienne does work.
With
echo "$password" | sudo su someone 'bash -l -s' << 'ENDSUDO'
whoami
ENDSUDO
You are redirecting stdin twice:
once with |
a second time with <<
Try this:
sudo -S -i -u someone << ENDSUDO
$password
whoami
ENDSUDO
sudo -S will read the password from stdin. sudo -i is a substitute for the ugly sudo su bash -l (but it needs that sudo be properly configured for -u someone)
Note that I removed the quotes around ENDSUDO. Beware of inadvertent substitutions. If you must keep ENDSUDO quoted, then you can try this instead:
{
echo "$password"
cat << 'ENDSUDO'
whoami
ENDSUDO
} | sudo -S -i -u someone
I believe the following will work, if you only want to run whoami instead of several commands:
#!/usr/bin/env bash
read -s -p 'Password: ' password
ssh somewhere whoami
echo "$password" | ssh somewhere sudo -S -u someone whoami
The -S tells sudo to read the password from stdin.
If you want to run several commands with a here-document, see #xhienne's answer.
Error Msg:
command-line: line 0: Bad configuration option:
sh '''ssh -i ${rundeck_rsa_key} -o StrictHostKeyChecking=no -o centos#xxxx.net "sudo su -c "sh ./home/centos/releases/xx.sh" rundeck"'''
Broken Down command (I just made the above command for your convenience)
sh '''ssh -i ${rundeck_rsa_key} -o StrictHostKeyChecking=no
-o centos#xxxx.net "sudo su -c "sh ./home/centos/releases/xx.sh" servc"'''
I'm trying to
ssh into the server
change user to "servc"
execute xx.sh shell
I think there is a syntax error on "sudo su -c "sh ./home/centos/releases/xx.sh" servc"
Do you have any clue?? :D
You can't nest a double quoted string inside another without escaping the inner ones.
Try this:
sh '''ssh -i ${rundeck_rsa_key} -o StrictHostKeyChecking=no -o centos#xxxx.net "sudo su -c \"sh ./home/centos/releases/xx.sh\" rundeck"'''
I have two servers say server A and server B. I have a sudo user say user1 with full privileges on server A and B. I am trying to append the crontab entry of root from server A to server B with the following command. But it's appending on A. I need to append it on server B.
Please find the command below which I am running on server A which should login to server B and append crontab entry of B. Instead its appending on A only.
/usr/bin/sshpass -p 'password' /usr/bin/ssh -o StrictHostKeyChecking=no -l user1 \
10.10.10.10 -t 'echo password' | sudo -S bash -c 'echo "30 10 * * * sh test.sh" >> /var/spool/cron/root'
Kindly help
Enclose the whole command that you want to run remotely in quotes, escaping nested quotes - otherwise, piping will be interpreted locally.
/usr/bin/sshpass -p 'password' ssh -o StrictHostKeyChecking=no -l user1 10.10.10.10 \
-t "echo password | sudo -S bash -c 'echo \"30 10 * * * sh test.sh\" >> /var/spool/cron/root'"
I need to ssh into a machine and execute a bunch of commands under sudo bash. Here is what I've tried:
sshpass -p "vagrant" ssh vagrant#33.33.33.100 "sudo bash -i -c <<EOF
echo
ls
echo
EOF"
But it throws me 'bash: -c: option requires an argument\n'. How can I fix this?
You need to remove -c from your command line to make it accept heredoc:
sshpass -p "vagrant" ssh vagrant#33.33.33.100 "sudo bash <<EOF
echo
ls
echo
EOF"
Also you may remove -i (interactive) option too.
bash -c expects you to provide all commands on command line so this may work too:
sshpass -p "vagrant" ssh vagrant#33.33.33.100 "sudo bash -c 'echo; ls; echo'"