LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Programming (https://www.linuxquestions.org/questions/programming-9/)
-   -   Perl Expect Module to give passwords for remote sudo commands (https://www.linuxquestions.org/questions/programming-9/perl-expect-module-to-give-passwords-for-remote-sudo-commands-883713/)

vikas027 05-31-2011 08:03 AM
Perl Expect Module to give passwords for remote sudo commands
 
Hi All,

I have written a script to run commands on remote servers, it is working fine.

But when I am running "sudo commands" on the remote servers, it asks for me password after prompting for ssh password. I am unable to automate this password prompt (which is just after ssh password prompt).

This is the function I am using to provide passwords
Code:
pass ()
{
cd  $DIR/"$dt1"_"$dt"
/usr/bin/perl << 'EOF'
use strict;
use Expect;

my $timeout = '320';
my $pass = `cat password`;
my $cmd = `cat cmd`;

my $exp = Expect->spawn("$cmd")
or die "Cannot spawn ssh: $!\n";

$exp->expect($timeout,
 ["assword:",sub {$exp->send("$pass\n");}]
 );

$exp->soft_close()
EOF
cd $DIR
}
I want the same function to be used , when it expects for sudo passwords for any of the below lines:
Code:
[sudo] password for vikas:
or
Password:
This is my "cmd" file passed in pass () function.
Code:
ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no 192.168.1.100 "bash rcmds"


This is my script output
Quote:
[vikas@box1 ~]$ ./rscript.sh
++ rm -rf /home/vikas/May_31
++ mkdir -p /home/vikas/May_31
++ set +x


Checking if Hosts are reachable .........

++ ping -c 2 random
ping: unknown host random
++ '[' 2 -eq 0 ']'
++ echo -e -n '\n\n random is UNREACHABLE...\n\n\t\t Please CHECK ...!!\n\n'


random is UNREACHABLE...

Please CHECK ...!!

++ echo random
++ set +x
++ ping -c 2 192.168.1.100
++ '[' 0 -eq 0 ']'
++ echo 192.168.1.100
++ set +x
Please enter password for vikas : Vicky#098
++ host=192.168.1.100
++ '[' 192.168.1.100 == CBICDG-J04 ']'
++ echo 'scp -p -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no /home/vikas/May_31/rcmds 192.168.1.100:'
++ pass
++ cd /home/vikas/May_31
++ /usr/bin/perl
Warning: Permanently added '192.168.1.100' (RSA) to the list of known hosts.
reverse mapping checking getaddrinfo for kick.168.192.in-addr.arpa failed - POSSIBLE BREAK-IN ATTEMPT!
vikas@192.168.1.100's password:
rcmds 100% 189 0.2KB/s 00:00
++ cd /home/vikas
++ echo 'ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no 192.168.1.100 "bash rcmds"'
++ pass
++ cd /home/vikas/May_31
++ /usr/bin/perl
Warning: Permanently added '192.168.1.100' (RSA) to the list of known hosts.
reverse mapping checking getaddrinfo for kick.168.192.in-addr.arpa failed - POSSIBLE BREAK-IN ATTEMPT!
vikas@192.168.1.100's password: <--- This is working fine
[sudo] password for vikas: <--- I am stucked in giving this password
Any suggestions, how to automate the password prompt required for sudo commands.

Thanks in advance.

estabroo 05-31-2011 05:05 PM
I think perl's expect handles regex in the patterns so you could use a pattern like below to match both of them

Code:
$exp->expect($timeout,
 ['-re',"assword.*?:",sub {$exp->send("$pass\n");}]
 );

vikas027 06-01-2011 06:04 AM
Quote:
Originally Posted by estabroo (Post 4372386)
I think perl's expect handles regex in the patterns so you could use a pattern like below to match both of them

Code:
$exp->expect($timeout,
 ['-re',"assword.*?:",sub {$exp->send("$pass\n");}]
 );
Hi estabroo,
This too not working for me.
Same error. :(

vikas027 06-01-2011 02:20 PM
Hi All/Estabroo

I was not able to provide two password entries simultaneously, but I did a work around. I first added ssh-keys and then ran sudo command through ssh , and then supplied password from my pass function. This indeed worked well for me :)


BUT, still my question remains the same, how to provide input automatically when there is more than one input is required.

For E.g. ssh-keygen -t dsa requires user to press enter key (taking all defaults) 4-5 times.

Anyway to automate this through perl-Expect ?

bigearsbilly 06-01-2011 05:01 PM
edit the sudoers file to disable passwords for some commands.

vikas027 06-01-2011 05:09 PM
Quote:
Originally Posted by bigearsbilly (Post 4373529)
edit the sudoers file to disable passwords for some commands.
That is the easiest way to do so, but sadly my customer prohibits that.

bigearsbilly 06-01-2011 05:13 PM
you have a silly customer.
:-)

perhaps the admin at the other end is a bit rubbish?
I'm glad it isn't my job.

can you not convince them this is impractical?

bigearsbilly 06-01-2011 05:19 PM
have you tried using autoexpect

it usually comes with expect.

That's usually where I start.

vikas027 06-02-2011 04:12 AM
Quote:
Originally Posted by bigearsbilly (Post 4373539)
have you tried using autoexpect

it usually comes with expect.

That's usually where I start.
I do not have any option apart from perl-Expect.


All times are GMT -5. The time now is 01:28 PM.