•  30-06-2022
  •  | 
  •  

Question

I am trying to write a script that will run the following commands:

sudo su
runmqsc_result=`su -c "runmqsc QMGR < /home/rob/query_queue.txt" -m "mqm"`

My issue however, is that these commands are run as part of a shell script, by user that is in the sudoers file. However, obviously sudo su asks for the password of the user running it.

What I need to do is to pass the password to sudo su so that the script will run automatically. How can I do this?

p.s: I can't change the permissions for running "runmqsc"...it HAS to be run as user mqm which needs to be switched to from the root user.

Was it helpful?

Solution

From man sudo:

-S    The -S (stdin) option causes sudo to read the password from the standard
      input instead of the terminal device.  The password must be followed by a
      newline character.

So, while it defies all security principles, echo 'password' | sudo -S su [...] should work.

Alternatively, you could make your script writeable only by root and add the following to /etc/sudoers to allow the user johndoe to run it with root priviledges without having to enter his password:

johndoe ALL = NOPASSWD: /full/path/to/your/script

The part writeable only by root is important to prevent johndoe from modifying the script and executing arbitrary commands as root.

OTHER TIPS

This solution work by using 'script' command from the 'bsdutiles' package that setup a pty (a terminal). The 'sleep' command is there to prevent sending the password before the 'su' command is ready to read it. The 'tail' command remove the "Password:" input line issued by 'su'.

 { sleep 1; echo rootpassword } | script -qc 'su -c "runmqsc QMGR < /home/rob/query_queue.txt" -m "mqm"' /dev/null | tail -n +2

Beware that the rootpassword could be see in many ways (history, ps, /proc/, etc...). Start the command with a space to at least avoid history recording.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top