Solved

script for execution root commands

Posted on 1998-10-23
10
320 Views
Last Modified: 2011-10-03
I need execute the command "rdate" from an user application.
Perhaps, it's possible from a script??.
If anyone knows another method please help me!
0
Comment
Question by:elmister
10 Comments
 

Expert Comment

by:greggster
ID: 2007535
rdate can be run from a script, but it does require root privs to
run. Add the following lines to the script file:
/bin/rdate <hostname> (hostname is the name of the system that
has the correct time).

0
 

Author Comment

by:elmister
ID: 2007536
How is possible to login in as root from a script (root with password, of course) for execution of rdate?
P.D I know the root password, of course.
0
 
LVL 2

Expert Comment

by:ray_leach
ID: 2007537
It's a security risk, but try this :

Create your script to run rdate like this:
#! /usr/bin/ksh
# Change to root user
su -
#run rdate
/bin/rdate mypc

Create a second script like this:

#! /usr/bin/ksh
# Run your rdate script
/rdate.sh <<EOT
god    <-- This is your root password
EOT

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 2007538
You cannot rlogin from within a script, it always asks for passwd on stdin.
Why not using rsh?
0
 

Author Comment

by:elmister
ID: 2007539
It doesn't work
It always asks for passwd on stdin
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:elmister
ID: 2007540
Using rsh for rdate?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 2007541
ray_leach suggestion didn't work on modern UNIX except you use a package called expect.

You may try to write a sucmd script as follows:

#! /bin/sh
$*
exit 0


then
chmod u+s sucmd
chown root sucmd

Running this script may be restricted on most UNIXs, you have to patch the kernel then to allow suid-root-scripts (which is more
or less simple, refer to your docs).
0
 
LVL 2

Expert Comment

by:kellyjj
ID: 2007542
If you are running on SCO,  then you can make that command a 'asroot ' command.  Essentially what that means is that there is a list of commands that can be ran regardless of the user.

for example:
/usr/bin/asroot shutdown -g0 -y -i6

this will for use in scripts. It is how I do it for most of our clients.
0
 

Author Comment

by:elmister
ID: 2007543
I Haven't asroot command
0
 
LVL 3

Accepted Solution

by:
mliberi earned 50 total points
ID: 2007544
Your problem is, more generally speaking:
"How may I run a shell script with super user authority?"

The problem is that, for security reasons, all unix operating systems (I think) do not allow SUID scripting.

I solved the problem by writing a shell script compiler that allows you to generate an executable starting from a shell script. It don't represent a security risk because the compiled code can't be easily viewed or changed, so you are sure that the user do only what your program does.

The method is simple:
1) create your shell script (e.g. xxx.sh)
2) compile it               (e.g. kcc xxx.sh)
   the compiler will produce the executable 'xxx'
3) change 'xxx' ownership   (e.g. chown root xxx)
4) set SUID bit             (e.g. chmod u+s xxx)

Any user that run 'xxx' program would become root for the time the process is running.
Avoid forking programs that allows starting a shell, it would be a root shell!

You can download kcx - the shell script compiler from the following URL:
http://www.geocities.com/SiliconValley/Horizon/5745/main.html

It has been compiled for AIX, SunOS, IRIX, Linux and Cygwin32
but could be easily compiled for any unix platform with an ANSI C compiler.

enjoy.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Installing FreeBSD… FreeBSD is a darling of an operating system. The stability and usability make it a clear choice for servers and desktops (for the cunning). Savvy?  The Ports collection makes available every popular FOSS application and packag…
Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now