run command with 'su'

102 views
Skip to first unread message

Chris Gadd

unread,
Aug 31, 2021, 11:47:37 PM8/31/21
to rundeck-discuss
Hi,
I want to run a command on a node as a different user to that I log in with and can't get this to work with 'su'.

Interactively, I could do this:

ssh sshuser@host
sshuser@host:~$ su appuser -c "whoami"
Password: <enter appuser password here>
appuser

The sshuser doesn't have sudo rights on the host, so I can't do this with, for example, 'sudo -u appuser "whoami"'.

I've tried a Rundeck node config like this, but I'm not getting past the su password prompt.
  sudo-command-enabled: true
  sudo-password-storage-path: keys/users/myuser/test
  sudo-command-pattern: "su .*"
  sudo-prompt-pattern: "Password:.*"
Tried a few variations as well, eg "^.*su.*$" but no luck.
Should this work at all? Open to other ideas if there's a better way.
thanks,
chris

Felipe Gutierrez

unread,
Sep 1, 2021, 10:38:16 AM9/1/21
to 'Chris Gadd' via rundeck-discuss

Hello Chris,

* Do you receive any error on rundeck logs while performing  su ?

* are you executing an script or a command step ?

* Did you try using something like ?

# sudo su - <user>

it should detect the sudo without specifying the "sudo-prompt-pattern"

Hope it helps,

Felipe

--
You received this message because you are subscribed to the Google Groups "rundeck-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rundeck-discu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rundeck-discuss/202409c1-3e84-43fd-9741-3c92faaa9f64n%40googlegroups.com.
-- 
---------------------
Felipe G.
Skype : phil_buzz

Gadd, Chris, Vodafone NZ

unread,
Sep 1, 2021, 5:42:43 PM9/1/21
to rundeck...@googlegroups.com

Thanks Felipe. I tried both script and command step with no luck – appears to be hanging at the password prompt (nothing is displayed until I kill the job).

Unfortunately I can’t do the ‘sudo su - <user>’ approach since the user I’m connected as doesn’t have any sudo rights.

May have to look at tweaking the host’s permissions.

thanks,

chris

 

 

C2 General

From: rundeck...@googlegroups.com <rundeck...@googlegroups.com> On Behalf Of Felipe Gutierrez
Sent: Thursday, 2 September 2021 2:38 am
To: 'Chris Gadd' via rundeck-discuss <rundeck...@googlegroups.com>
Subject: Re: [rundeck] run command with 'su'

 

CYBER SECURITY WARNING: This email is from an external source - be careful of attachments and links. Please follow the Cyber Code and report suspicious emails.

Reply all
Reply to author
Forward
0 new messages