bash 使用 su 和 expect 脚本登录用户时遇到问题
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/29174337/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Trouble logging in user using su and expect script
提问by user3791260
I am working on making a website for a class that you log into with a username and password, and then it takes you to a page that shows your grades in the class.
我正在为您使用用户名和密码登录的课程制作一个网站,然后它会将您带到显示您课程成绩的页面。
The website is being run with a bash script, and will be hosted on a machine where the users already have a username and password to login.
该网站正在使用bash 脚本运行,并将托管在用户已经拥有登录用户名和密码的机器上。
I also have a script called calcgrade.shthat will calculate the grades for either the user who is currently logged in, or the user passed to the script as an argument.
我还有一个名为的脚本calcgrade.sh,它将计算当前登录的用户或作为参数传递给脚本的用户的成绩。
So originally, I was going to use this command:
所以最初,我打算使用这个命令:
echo -e "$password\n" | sudo -Sk -u $user ./website/calcgrade.sh
to run calcgrade.shas the user of the website. However, I found out that sudoasks for the password of the user who is currentlylogged in, not the targetuser you are trying to run a command as.
以calcgrade.sh网站用户身份运行。但是,我发现它sudo要求提供当前登录用户的密码,而不是您尝试运行命令的目标用户的密码。
So after some reading, I found a better option would be to use suwith an expectscript, but I can't get it to work. Here is the code for the expectscript (currently username and password are hard coded in for testing):
所以经过一些阅读后,我发现一个更好的选择是su与expect脚本一起使用,但我无法让它工作。这是expect脚本的代码(当前用户名和密码是硬编码的用于测试):
#!/usr/bin/expect
log_user 0
spawn /bin/su myusername
expect "Password: "
send "mypassword"
spawn "./website/calcgrade.sh"
interact
When I run this script, it doesn't seem to log in the user with su, as it goes on to run calcgrade.shwith my account, rather than the user's.
当我运行此脚本时,它似乎没有使用 登录用户su,因为它继续calcgrade.sh使用我的帐户而不是用户的帐户运行。
Do you see what is wrong with my script? Or can you see a better way to do what I want?
你看到我的脚本有什么问题了吗?或者你能看到更好的方法来做我想做的事吗?
Also, another problem with this method is that calcgrade.shis supposed to send some output to stderr, but when I run it with the expectscript, the error messages get sent to the website (the server works by sending the html for the website to stdout). Is there a way around this, or might it be better to have the expectscript just check with suif username/password is correct, and then if so, then run ./calcgrade.sh $userafterwards?
此外,此方法的另一个问题calcgrade.sh是应该将一些输出发送到stderr,但是当我使用expect脚本运行它时,错误消息会发送到网站(服务器通过将网站的 html 发送到 来工作stdout)。有没有办法解决这个问题,或者让expect脚本只检查su用户名/密码是否正确可能会更好,如果是,然后再运行./calcgrade.sh $user?
采纳答案by that other guy
First of all, here's the correct way to do what you want to do:
首先,这是做你想做的事情的正确方法:
- Give your web server user
sudopermissions to run./website/calcgrade.shas any user, without requiring a password. - Have the web server authenticate the user however you see fit.
- Have it run
sudo -u someuser ./website/calcgrade.sh, no password required.
- 授予您的 Web 服务器用户
sudo权限以./website/calcgrade.sh任何用户身份运行,无需密码。 - 让 Web 服务器以您认为合适的方式对用户进行身份验证。
- 让它运行
sudo -u someuser ./website/calcgrade.sh,不需要密码。
Now let's look at why your approach didn't work:
现在让我们看看为什么您的方法不起作用:
It's commonly believed that suswitches user. This is not the case. It actually starts a new shell running as another user.
人们普遍认为su切换用户。不是这种情况。它实际上启动了一个以另一个用户身份运行的新 shell。
This means that you can't spawn su otheruser, let it finish, and then afterwards spawn calcgrade.sh.
这意味着您不能 spawn su otheruser,让它完成,然后再 spawn calcgrade.sh。
Instead you have to run su otheruser, and then send commands to the shell that sustarts:
相反,您必须运行su otheruser,然后将命令发送到su启动的 shell :
#!/usr/bin/expect
log_user 0
spawn /bin/su someuser
expect "Password: "
send "somepassword\n"
# Now wait for a prompt and send the command to run
expect "$"
send "./website/calcgrade.sh\n"
interact
