Solved

script for execution root commands

Posted on 1998-10-23
10
319 Views
Last Modified: 2011-10-03
I need execute the command "rdate" from an user application.
Perhaps, it's possible from a script??.
If anyone knows another method please help me!
0
Comment
Question by:elmister
10 Comments
 

Expert Comment

by:greggster
ID: 2007535
rdate can be run from a script, but it does require root privs to
run. Add the following lines to the script file:
/bin/rdate <hostname> (hostname is the name of the system that
has the correct time).

0
 

Author Comment

by:elmister
ID: 2007536
How is possible to login in as root from a script (root with password, of course) for execution of rdate?
P.D I know the root password, of course.
0
 
LVL 2

Expert Comment

by:ray_leach
ID: 2007537
It's a security risk, but try this :

Create your script to run rdate like this:
#! /usr/bin/ksh
# Change to root user
su -
#run rdate
/bin/rdate mypc

Create a second script like this:

#! /usr/bin/ksh
# Run your rdate script
/rdate.sh <<EOT
god    <-- This is your root password
EOT

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 2007538
You cannot rlogin from within a script, it always asks for passwd on stdin.
Why not using rsh?
0
 

Author Comment

by:elmister
ID: 2007539
It doesn't work
It always asks for passwd on stdin
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 

Author Comment

by:elmister
ID: 2007540
Using rsh for rdate?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 2007541
ray_leach suggestion didn't work on modern UNIX except you use a package called expect.

You may try to write a sucmd script as follows:

#! /bin/sh
$*
exit 0


then
chmod u+s sucmd
chown root sucmd

Running this script may be restricted on most UNIXs, you have to patch the kernel then to allow suid-root-scripts (which is more
or less simple, refer to your docs).
0
 
LVL 2

Expert Comment

by:kellyjj
ID: 2007542
If you are running on SCO,  then you can make that command a 'asroot ' command.  Essentially what that means is that there is a list of commands that can be ran regardless of the user.

for example:
/usr/bin/asroot shutdown -g0 -y -i6

this will for use in scripts. It is how I do it for most of our clients.
0
 

Author Comment

by:elmister
ID: 2007543
I Haven't asroot command
0
 
LVL 3

Accepted Solution

by:
mliberi earned 50 total points
ID: 2007544
Your problem is, more generally speaking:
"How may I run a shell script with super user authority?"

The problem is that, for security reasons, all unix operating systems (I think) do not allow SUID scripting.

I solved the problem by writing a shell script compiler that allows you to generate an executable starting from a shell script. It don't represent a security risk because the compiled code can't be easily viewed or changed, so you are sure that the user do only what your program does.

The method is simple:
1) create your shell script (e.g. xxx.sh)
2) compile it               (e.g. kcc xxx.sh)
   the compiler will produce the executable 'xxx'
3) change 'xxx' ownership   (e.g. chown root xxx)
4) set SUID bit             (e.g. chmod u+s xxx)

Any user that run 'xxx' program would become root for the time the process is running.
Avoid forking programs that allows starting a shell, it would be a root shell!

You can download kcx - the shell script compiler from the following URL:
http://www.geocities.com/SiliconValley/Horizon/5745/main.html

It has been compiled for AIX, SunOS, IRIX, Linux and Cygwin32
but could be easily compiled for any unix platform with an ANSI C compiler.

enjoy.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

When you do backups in the Solaris Operating System, the file system must be inactive. Otherwise, the output may be inconsistent. A file system is inactive when it's unmounted or it's write-locked by the operating system. Although the fssnap utility…
Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now