sudo add user script




Hello list,

I took another stab at finding a way to add a sudo user remotely and it
gets you most of the way there. If you execute the script as root it works
beautifully and does just what you want, which is to add the user to the
group and give that user group rights to certain commands.

But if you execute it as a user who only has sudo access to the
/etc/sudoers file it errors out.

cloud:~] bluethundr% ./add_sudo.sh
reverse mapping checking getaddrinfo for $host failed - POSSIBLE BREAK-IN
ATTEMPT!
[sudo] password for bluethundr: Sorry, try again.
[sudo] password for bluethundr: Sorry, try again.
[sudo] password for bluethundr: Sorry, try again.
sudo: 3 incorrect password attempts
Connection to $host closed.
1
reverse mapping checking getaddrinfo for $host failed - POSSIBLE BREAK-IN
ATTEMPT!
bash: /tmp/sudoers.tmp: Permission denied
Connection $host to closed.
1

The main problem is that the script doesn't enter the password.

I'm attempting to echo the user's sudo pass in like this:

$SSH -t $USER@$HOST 'echo $PASSWD | $SUDO -S $CP /etc/sudoers /tmp/sudoers-template'


(of course I'm trying it out in my own environment before I try to use it
in their environment).


Here's the script itself, I was hoping you could offer some help here:

#!/bin/bash

SSH='/usr/bin/ssh'
ECHO='/bin/echo'
TEE='/usr/bin/tee'
SUDO='/usr/bin/sudo'
VISUDO='/usr/sbin/visudo'
CP='/bin/cp'
CAT='/bin/cat'
USER='user'
HOST='beta'
PASSWD='secret'


$SSH -t $USER@$HOST 'echo $PASSWD | $SUDO -S $CP /etc/sudoers /tmp/sudoers-template'

echo $?

if [ $? -eq 0 ]; then
  $SSH -t $USER@$HOST 'echo $PASSWD | $SUDO -S  echo "%my_group  ALL=(root) NOPASSWD:   /sbin/service, /bin/rm, /usr/bin/du, /bin/df" > /tmp/sudoers.tmp'
  echo $?

  if [ $? -eq 0 ]; then
    $SSH -t $USER@$HOST "echo $PASSWD | $SUDO -S $CAT /tmp/sudoers.tmp | $TEE -a /tmp/sudoers-template"
    echo $?

    if [ $? -eq 0 ]; then
      $SSH $USER@$HOST "$VISUDO -cf '/tmp/sudoers-template' 2>&1 >& /dev/null"
      echo $?

      if [ $? -eq 0 ]; then
        $SSH -t $USER@$HOST "echo $PASSWD | $SUDO -S  $CP '/etc/$SUDOers' '/tmp/sudoers.bak'"
        echo $?

        if [ $? -eq 0 ]; then
          $SSH -t $USER@$HOST "echo $PASSWD | $SUDO -S  $CP '/tmp/$SUDOers-template' '/etc/sudoers'"
          echo $?

          if [ $? -eq 0 ]; then
            $SSH -t $USER@$HOST "echo $PASSWD | $SUDO -S $VISUDO  -cf '/etc/sudoers'"
          fi
          if [ $? -eq 0 ]; then
            $ECHO -e "You have successfully added the user to sudoers"
          fi
        fi
      fi
    fi
  fi
fi



Thanks!

-- 
GPG me!!

gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
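
An added example, not part of the original post or the poster's code: one way to build the same group rule, check it with visudo -cf and install it as a drop-in in a single root-run step, so that no password is piped and no redirection runs as the unprivileged user. The names build_rule and install_rule, the VISUDO and SUDOERS_D overrides and the use of /etc/sudoers.d are assumptions of this sketch.

```bash
#!/bin/sh
# Added example: validate-then-install a sudoers drop-in. Run as root on the target.
VISUDO=${VISUDO:-visudo}                 # validator; overridable for dry runs
SUDOERS_D=${SUDOERS_D:-/etc/sudoers.d}   # assumed include directory

# Print one rule line: %group ALL=(root) NOPASSWD: cmd1, cmd2, ...
build_rule() {
    group=$1; shift
    # Accept only a plain group name
    case $group in ''|*[!A-Za-z0-9_-]*) echo "bad group: $group" >&2; return 2;; esac
    cmds=
    for c in "$@"; do
        # Absolute paths only, with no spaces, commas, globs or shell metacharacters
        case $c in /*) ;; *) echo "not absolute: $c" >&2; return 2;; esac
        case $c in *[!A-Za-z0-9_./-]*) echo "unsafe path: $c" >&2; return 2;; esac
        cmds=${cmds:+$cmds, }$c
    done
    [ -n "$cmds" ] || return 2
    printf '%%%s ALL=(root) NOPASSWD: %s\n' "$group" "$cmds"
}

# install_rule NAME GROUP CMD...  ->  0 ok, 2 bad input, 3 failed syntax check
install_rule() {
    name=$1; shift
    # sudo ignores include-directory files containing '.' or ending in '~',
    # so the final name must avoid both
    case $name in ''|*[!A-Za-z0-9_-]*) return 2;; esac
    # The dot in the temp name keeps sudo from reading the half-written file,
    # and creating it in the target directory makes the final mv atomic
    tmp=$(mktemp "$SUDOERS_D/.tmp.XXXXXX") || return 1
    if ! build_rule "$@" > "$tmp"; then rm -f "$tmp"; return 2; fi
    # Syntax-check before the file ever becomes live
    if ! "$VISUDO" -cf "$tmp" >/dev/null 2>&1; then rm -f "$tmp"; return 3; fi
    chmod 0440 "$tmp" && mv -f "$tmp" "$SUDOERS_D/$name" || { rm -f "$tmp"; return 1; }
}
```

Run it from an interactive ssh -t session on the host, where sudo prompts on the terminal, so the password is never stored in a script or passed on a remote command line.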



