[lnkForumImage]
TotalShareware - Download Free Software
Confronta i prezzi di migliaia di prodotti.
Asp Forum
 Home | Login | Register | Search 


 

Forums >

comp.lang.ruby

Ruby script to run command as root on remote linux system

James Dinkel

4/18/2008 4:48:00 PM

This is really sort of an offshoot of this thread:
http://www.ruby-...to...

I WAS just trying to pass on the password to sudo being run over
Net::SSH on a remote linux server. I eventually gave up on that and set
sudo to run with no password, only to find out that does not work
either! For some reason there is a problem running sudo commands over
Net::SSH.

So I am just wonder if anybody has found ANY possible way to run remote
commands with root privileges on the remote computer.

here is my script as it is which seems to just skip over the sudo
command:

-----------
require 'rubygems'
require 'net/ssh'


Net::SSH.start( 'server1',
:username=>'myuser',
:password=>'mypass' ) do |session|


session.open_channel do |channel|
channel.on_data do |ch, data|
puts data
end
channel.exec 'touch myfile'
end
session.loop

session.open_channel do |channel|
channel.on_data do |ch, data|
puts data
end
channel.exec 'sudo touch rootfile'
end
session.loop

end
-------------

The "myfile" gets created, but the "rootfile" does not.
--
Posted via http://www.ruby-....
8 Answers

Vladimir Konrad

4/18/2008 8:04:00 PM

0

> So I am just wonder if anybody has found ANY possible way to run
> remote commands with root privileges on the remote computer.

If you have control over remote computer (and can live with security
implications), you could allow direct root log-in over ssh using ssh
keys...

Vlad

Peña, Botp

4/19/2008 1:13:00 AM

0

RnJvbTogSmFtZXMgRGlua2VsIFttYWlsdG86amRpbmtlbEBnbWFpbC5jb21dIA0KIyBTbyBJIGFt
IGp1c3Qgd29uZGVyIGlmIGFueWJvZHkgaGFzIGZvdW5kIEFOWSBwb3NzaWJsZSB3YXkgdG8gDQoj
IHJ1biByZW1vdGUNCiMgY29tbWFuZHMgd2l0aCByb290IHByaXZpbGVnZXMgb24gdGhlIHJlbW90
ZSBjb21wdXRlci4NCg0KdHJ5IGNhcGlzdHJhbm8NCg0Ka2luZCByZWdhcmRzIC1ib3RwDQo=

princeofnigeria

4/19/2008 3:56:00 AM

0

Depends on what you ar looking to do. Do you have valid credentials on the
remote machine? Do you need to just connect and run commands through a
script and then disconnect? Give me s few more details and Ill see what I
can do. I have a few scripts i use but depends on what your trying to do.

On Fri, Apr 18, 2008 at 8:12 PM, Pe=F1a, Botp <botp@delmonte-phil.com> wrot=
e:

> From: James Dinkel [mailto:jdinkel@gmail.com]
> # So I am just wonder if anybody has found ANY possible way to
> # run remote
> # commands with root privileges on the remote computer.
>
> try capistrano
>
> kind regards -botp
>

Arlen Cuss

4/19/2008 4:19:00 AM

0

[Note: parts of this message were removed to make it a legal post.]

Hi,

On Sat, Apr 19, 2008 at 2:48 AM, James Dinkel <jdinkel@gmail.com> wrote:

> I WAS just trying to pass on the password to sudo being run over
> Net::SSH on a remote linux server. I eventually gave up on that and set
> sudo to run with no password, only to find out that does not work
> either! For some reason there is a problem running sudo commands over
> Net::SSH.
>

Strange. It works for me:

>> Net::SSH.start 'localhost', :username => 'test', :password => '...' do
|session|
?> session.open_channel do |channel|
?> channel.on_data do |ch, data|
?> puts data
>> end
>> channel.exec 'sudo touch rootfile'
>> end
>> session.loop
>> end; nil
=> nil
>>

celtic@sohma:~$ ls -l ~test
total 0
-rw-r--r-- 1 test test 0 2008-04-19 14:16 a
lrwxrwxrwx 1 test test 26 2008-04-19 14:14 Examples ->
/usr/share/example-content/
-rw-r--r-- 1 root root 0 2008-04-19 14:17 rootfile
celtic@sohma:~$

Are you sure the user can always sudo without password?

Arlen

Vladimir Konrad

4/19/2008 3:18:00 PM

0


Securing root access using ssh keys (the other accounts are not
affected):

(look at "Method 2"):

http://www.internetservers.com/support/vds/advanced/securing...

Vlad

Ken Bloom

4/22/2008 4:08:00 AM

0

On Fri, 18 Apr 2008 21:03:42 +0100, Vladimir Konrad wrote:

>> So I am just wonder if anybody has found ANY possible way to run remote
>> commands with root privileges on the remote computer.
>
> If you have control over remote computer (and can live with security
> implications), you could allow direct root log-in over ssh using ssh
> keys...
>
> Vlad

SSH also allows you to create single-purpose keys.
See http://pkeck.myweb.ug...

--Ken

--
Ken (Chanoch) Bloom. PhD candidate. Linguistic Cognition Laboratory.
Department of Computer Science. Illinois Institute of Technology.
http://www.iit.edu...

James Dinkel

4/22/2008 1:51:00 PM

0

Ken Bloom wrote:
>
> SSH also allows you to create single-purpose keys.
> See http://pkeck.myweb.ug...
>
> --Ken

That's all good to know. Since Arlen says it is working for him. I
think I'm going to set up another server to test this out on (I don't
want to go much further on a production machine, probably shouldn't have
even messed with it this much).

James
--
Posted via http://www.ruby-....

James Dinkel

5/1/2008 10:02:00 PM

0

Ok, a little more testing, and I think I've found the problem. This is
in the sudoers file on RHEL 5.0 by default:
"Defaults requiretty"

So I either need to get rid of that, or somehow get ruby net-ssh to open
a tty and execute the command in that. I have no clue if the latter is
even possible, and I really don't want to do the former, at least not
globally.

If I could remove the requiretty option for just this user, or even
better would be for just this user AND just this command, then that
would be great, and I bet possible. However, I have no idea how to
configure sudoers for that.

James
--
Posted via http://www.ruby-....