Solved

How to put in SU password automatically

Posted on 2002-04-18
8
521 Views
Last Modified: 2010-04-21
How do I construct a UNIX command that will automatically plop the SU password in for me.

My program issues the SU KILL -9 commmand, but then UNIX wants the PASSWORD. I need the command line to automatically put in the PASSWORD and execute the command.
>??
0
Comment
Question by:rbend
8 Comments
 
LVL 38

Expert Comment

by:yuzh
Comment Utility
Install "expect" to your system, and write an script use
expect.

Donload expect and some example script from the following site:

   http://expect.nist.gov/
0
 
LVL 3

Expert Comment

by:elfie
Comment Utility
If you need to kick off some command as another user, i would advise to use 'sudo' or some counterpart.

This is more safe. Just suppose that  you offer the ability to include the 'root' password., people can change the "kill -9" by lets say "vi /etc/passwd". See what can happen?

By implementing sudo , you can give individual users access to 'indivual' commands.
0
 

Author Comment

by:rbend
Comment Utility
elfie:
In my question I actually meant SUDO instead of SU.
However, SUDO still required the password be entered.
Same issue.
bb
0
 
LVL 3

Expert Comment

by:elfie
Comment Utility
Asking for the password is and option:

Just a "cut and paste" from the sudoers man page:

eg: http://www.courtesan.com/sudo/man/sudoers.html


NOPASSWD and PASSWD
By default, sudo requires that a user authenticate him or herself before running a command. This behavior can be modified via the NOPASSWD tag. Like a Runas_Spec, the NOPASSWD tag sets a default for the commands that follow it in the Cmnd_Spec_List. Conversely, the PASSWD tag can be used to reverse things. For example:

 ray    rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprmwould allow the user ray to run /bin/kill, /bin/ls, and /usr/bin/lprm as root on the machine rushmore as root without authenticating himself. If we only want ray to be able to run /bin/kill without a password the entry would be:

 ray    rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprmNote, however, that the PASSWD tag has no effect on users who are in the group specified by the exempt_group option.

By default, if the NOPASSWD tag is applied to any of the entries for a user on the current host, he or she will be able to run sudo -l without a password. Additionally, a user may only run sudo -v without a password if the NOPASSWD tag is present for all a user's entries that pertain to the current host. This behavior may be overridden via the verifypw and listpw options.

0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 5

Expert Comment

by:Netminder
Comment Utility
Admin notified of User neglect.
Netminder
CS Moderator
0
 
LVL 4

Accepted Solution

by:
antons061400 earned 50 total points
Comment Utility
maybe you should create the script like

kill -9 $*

and
- set the root to be owner
- set the suid flag

and use the script to kill processes
0
 
LVL 3

Expert Comment

by:elfie
Comment Utility
kind of dangerous script to put on the system ...
0
 
LVL 1

Expert Comment

by:Moondancer
Comment Utility
A few of your open questions are current, others need your attention.  ADMINISTRATION WILL BE CONTACTING YOU SHORTLY.  Moderators Computer101, Netminder or Mindphaser will return to finalize these if they are still open in 7 days.  Experts, please post closing recommendations before that time.

Below are your open questions as of today.  Questions which have been inactive for 21 days or longer are considered to be abandoned and for those, your options are:
1. Accept a Comment As Answer (use the button next to the Expert's name).
2. Close the question if the information was not useful to you, but may help others. You must tell the participants why you wish to do this, and allow for Expert response.  This choice will include a refund to you, and will move this question to our PAQ (Previously Asked Question) database.  If you found information outside this question thread, please add it.
3. Ask Community Support to help split points between participating experts, or just comment here with details and we'll respond with the process.
4. Delete the question (if it has no potential value for others).
   --> Post comments for expert of your intention to delete and why
   --> YOU CANNOT DELETE A QUESTION with comments; special handling by a Moderator is required.

For special handling needs, please post a zero point question in the link below and include the URL (question QID/link) that it regards with details.
http://www.experts-exchange.com/jsp/qList.jsp?ta=commspt
 
Please click this link for Help Desk, Guidelines/Member Agreement and the Question/Answer process.  http://www.experts-exchange.com/jsp/cmtyHelpDesk.jsp

Click you Member Profile to view your question history and please keep them updated. If you are a KnowledgePro user, use the Power Search option to find them.  

Questions which are LOCKED with a Proposed Answer but do not help you, should be rejected with comments added.  When you grade the question less than an A, please comment as to why.  This helps all involved, as well as others who may access this item in the future.  PLEASE DO NOT AWARD POINTS TO ME.

To view your open questions, please click the following link(s) and keep them all current with updates.
http://www.experts-exchange.com/questions/Q.20285390.html
http://www.experts-exchange.com/questions/Q.20286611.html
http://www.experts-exchange.com/questions/Q.20286687.html
http://www.experts-exchange.com/questions/Q.20297629.html
http://www.experts-exchange.com/questions/Q.20300142.html
http://www.experts-exchange.com/questions/Q.20291025.html
http://www.experts-exchange.com/questions/Q.20301019.html



*****  E X P E R T S    P L E A S E  ******  Leave your closing recommendations.
If you are interested in the cleanup effort, please click this link
http://www.experts-exchange.com/jsp/qManageQuestion.jsp?ta=commspt&qid=20274643
POINTS FOR EXPERTS awaiting comments are listed in the link below
http://www.experts-exchange.com/commspt/Q.20277028.html
 
Moderators will finalize this question if in @7 days Asker has not responded.  This will be moved to the PAQ (Previously Asked Questions) at zero points, deleted or awarded.
 
Thanks everyone.
Moondancer
Moderator @ Experts Exchange
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now