Net::Openssh and sudo?

[Rajeev Prasad]

hello,

using Net::Openssh how can i use sudo to become some other user (say root) on a target machine and then execute a series of commands as root?

i looked and tried to use the expect example given on Net::Openssh page but could not make it to work.

my $myssh  = Net::OpenSSH->new($host,
                                port => $SSHPORT,
                                user => $USER,
                                password => $PASS,)

now how can i execute a sudo on this, thus becoming a different user and, then execute bunch of commands on this handle?

please advice.

thank you.
Rajeev

[Rajeev Prasad]

found following which is working to the point where i can get to the root prompt, but not sure why any command after that is not working???? can anyone give any hint? thank you.

CODE:

#!/usr/bin/perl
 
# see http://perlmonks.org/?node_id=890441
 
use strict;
use warnings;
 
use Net::OpenSSH;
use Expect;
#$Expect::Exp_Internal = 1;
 
@ARGV == 2 or die <<EOU;
Usage:
  $0 host user_passwd
 
EOU
 
my $host = $ARGV[0];
my $pass1 = $ARGV[1];

my $ssh = Net::OpenSSH->new($host, passwd => $pass1);
$ssh->error and die "unable to connect to remote host: " . $ssh->error;
 
#$ssh->system("sudo -k");
 
my ( $pty, $pid ) = $ssh->open2pty({stderr_to_stdout => 1}, '/usr/local/bin/sudo', -p => 'runasroot:', 'su', '-')
    or return "failed to attempt su: $!\n";
 
my $expect = Expect->init($pty);
$expect->log_file("expect.pm_log", "w");
$expect->expect(2,
                [ qr/runasroot:/ => sub { shift->send("$pass1\n");} ],  #use pass2 if using only su
                [ qr/Sorry/       => sub { die "Login failed" } ]);
$expect->send("\n\n\n");
$expect->expect(2,[ qr/#/ => sub { shift->send("ls -l\n");} ])  #use pass2 if using only su

in above the ls command is not working.... if i do exp interactive that works fine....

________________________________
From: Rajeev Prasad <rp.n...@yahoo.com>
To: perl list <begi...@perl.org>
Sent: Friday, January 20, 2012 1:10 PM
Subject: Net::Openssh and sudo?

hello,

please advice.

thank you.
Rajeev

--
To unsubscribe, e-mail: beginners-...@perl.org
For additional commands, e-mail: beginne...@perl.org
http://learn.perl.org/

[Rajeev Prasad]

following is working but it keep running the ls -l in loop, i have to ctrl+C it !!!!

#!/usr/bin/perl
 
# see http://perlmonks.org/?node_id=890441
 
use strict;
use warnings;
 
use Net::OpenSSH;
use Expect;

$Expect::Exp_Internal = 1;
 
@ARGV == 2 or die <<EOU;
Usage:
  $0 host user_passwd
 
EOU
 
my $host = $ARGV[0];
my $pass1 = $ARGV[1];
 
my $ssh = Net::OpenSSH->new($host, passwd => $pass1);
$ssh->error and die "unable to connect to remote host: " . $ssh->error;
 
#$ssh->system("sudo -k");
 
my ( $pty, $pid ) = $ssh->open2pty({stderr_to_stdout => 1}, '/usr/local/bin/sudo', -p => 'runasroot:', 'su', '-')
    or return "failed to attempt su: $!\n";
 
my $expect = Expect->init($pty);
$expect->log_file("expect.pm_log", "w");
$expect->expect(2,

                [ qr/runasroot:/ => sub { shift->send("$pass1\n"); exp_continue;} ],  #use pass2 if using only su
                [ qr/Sorry/       => sub { die "Login failed" } ],
                [qr/#/ => sub { shift->send("ls -l\n"); exp_continue;}]
                ) or die "___Timeout!";

__END__

________________________________
From: Rajeev Prasad <rp.n...@yahoo.com>
To: perl list <begi...@perl.org>

Sent: Friday, January 20, 2012 4:14 PM
Subject: Re: Net::Openssh and sudo?

[Rajeev Prasad]

finally, if anyone needs, here is one which logs on to a remote host as yourself then su to root then run as many commands you wish..... saves output in log you can later use.

#!/usr/bin/perl
 
# see http://perlmonks.org/?node_id=890441
 
use strict;
use warnings;
 
use Net::OpenSSH;
use Expect;
$Expect::Exp_Internal = 1;
 
@ARGV == 2 or die <<EOU;
Usage:
  $0 host user_passwd
 
EOU
 
my $host = $ARGV[0];
my $pass1 = $ARGV[1];
 
my $ssh = Net::OpenSSH->new($host, passwd => $pass1);
$ssh->error and die "unable to connect to remote host: " . $ssh->error;
 
#$ssh->system("sudo -k");
 
my ( $pty, $pid ) = $ssh->open2pty({stderr_to_stdout => 1}, '/usr/local/bin/sudo', -p => 'runasroot:', 'su', '-')
    or return "failed to attempt su: $!\n";
 
my $expect = Expect->init($pty);
$expect->log_file("expect.pm_log", "w");

my @cmdlist =("ls -l","pwd","ls","who am i","id","whoami");
foreach my $cmd (@cmdlist){

$expect->expect(2,
                [ qr/runasroot:/ => sub { shift->send("$pass1\n");} ],  #use pass2 if using only su

                [ qr/Sorry/       => sub { die "Login failed" } ],

                [ qr/#/ => sub { shift->send("$cmd \n");}]
                ) or die "___Timeout!";
}
$expect->expect(2);

________________________________
From: Rajeev Prasad <rp.n...@yahoo.com>
To: perl list <begi...@perl.org>

Sent: Friday, January 20, 2012 4:26 PM
Subject: Re: Net::Openssh and sudo? made some progress: version 3

[Salvador Fandiño]

Have you see the FAQ entry "Running remote commands with sudo" on the
module documentation?

https://metacpan.org/module/Net::OpenSSH#FAQ


It describes a simple way to run commands with sudo that doesn't require
Expect.

[Rajeev Prasad]

Hi Salva,

thx, but the installed sudo version does not have -S option. so i am not sure how will i then pass the password....

CU Sudo version 1.5.7p2

sudo -V | -h | -l | -v | -k | -H | [-b] [-p prompt] [-u username/#uid] -s | <command>

________________________________
From: Salvador Fandiño <sfan...@yahoo.com>
To: begi...@perl.org
Sent: Sunday, January 22, 2012 11:08 AM

Subject: Re: Net::Openssh and sudo?

  https://metacpan.org/module/Net::OpenSSH#FAQ

[Salvador Fandino]

On 01/29/2012 07:53 AM, Rajeev Prasad wrote:
> Hi Salva,
>
> thx, but the installed sudo version does not have -S option. so i am not sure how will i then pass the password....

Yes, with older versions of sudo, using Expect is probably the best way.

That may also work:

my $output = $ssh->capture({tty => 1,
stdin_data => "$pass1\n"},
"/usr/local/bin/sudo",
"-k", $cmd, @cmd_args);