在Bash Shell中获取并使用带有特殊字符的密码 [英] Get and use a password with special characters in Bash shell
问题描述
在 bash shell脚本中使用带有特殊字符(例如$)的密码时,我遇到了一些麻烦.
I'm getting some troubles to use a password with special characters such as $ in a bash shell script.
我的shell脚本是:
My shell script is :
read -s -p "Password : " bindDNPass
ldapadd -H ldap://localhost -x -w $bindDNPass -D "dn=cn=Admin" -f /tmp/file.ldif
密码可能类似于$ Something18 $.
And the password could be something like $Something18$.
好吧,命令
ldapadd -H ldap://localhost -x -W -D "dn=cn=Admin" -f /tmp/file.ldif`
询问我的$Something18$,效果很好.
但是,如果我尝试
ldapadd -H ldap://localhost -x -w $Something18$ -D "dn=cn=Admin" -f /tmp/file.ldif
它不起作用.我猜想它正在尝试解析变量$Something18,,所以我尝试了\$Something18$,\$Something18\$, \\\$Something18$,...,但是它不断失败...
it doesn't work. I guess it's trying to resolve the variable $Something18, so I tried with \$Something18$, \$Something18\$, \\\$Something18$, ... but it keeps on failing...
我该怎么办? (无需更改密码...)
How can I do? (Without changing my password...)
推荐答案
我看到您阅读和使用密码的两个潜在问题:
I see two potential problems with how you're reading and using the password:
- 当使用
read命令而没有-r选项时,它将尝试解释转义(反斜杠)序列,这可能会引起麻烦. - 当您使用变量而没有将其用双引号引起来时,它将尝试将值拆分为单独的单词,并尝试将所有通配符扩展为匹配文件名的列表.这可能会导致大量混乱,因此您几乎应该始终对变量引用加双引号.
- When you use the
readcommand without the-roption, it'll try to interpret escape (backslash) sequences, which may cause trouble. - When you use a variable without wrapping it in double-quotes, it'll try to split the value into separate words and also try to expand any wildcards into a list of matching filenames. This can cause massive confusion, so you should almost always double-quote variable references.
解决这些潜在问题后,将提供以下脚本片段:
Fixing these potential problems gives this script snippet:
read -rs -p "Password : " bindDNPass
ldapadd -H ldap://localhost -x -w "$bindDNPass" -D "dn=cn=Admin" -f /tmp/file.ldif
...但是,尽管您应该同时使用这两个mod来增强脚本的健壮性,但是这两个都不会改变其处理密码$Something18$的方式.实际上,当我使用该密码尝试使用原始代码段时,该代码段已正确传递给ldapadd.如果您的实际密码中还包含其他一些特殊字符(或者您使用的值为IFS),那么这些可能会有所帮助;否则,可能会有所帮助.否则,还会有其他事情发生.
...But, while you should do both of these mods to make your script more robust, neither of these will change how it handles the password $Something18$. In fact, when I tried your original snippet with that password, it got passed to ldapadd correctly. If your actual password has some other special characters in it (or you've played with the value of IFS), these might help; otherwise, there's something else going on.
如果在这些修复后您的密码仍然无法使用,请尝试在ldapadd命令前放置set -x(在其后放置set +x),以便将实际传递给ldapadd的内容打印出来.好吧,它将以可能令人困惑的形式打印它:它将在实际执行的内容上打印等效命令,这意味着它将在必要时在password参数中添加引号和/或转义符这样您就可以运行该命令,并且它将执行相同的操作.当我用$Something18$尝试时,它会打印:
If your password still doesn't work after these fixes, try putting set -x before the ldapadd command (and set +x after) so it'll print what's actually being passed to ldapadd. Well, it'll print it in a possibly confusing form: it'll print an equivalent command to what's actually being executed, which means it'll add quotes and/or escapes to the password parameter as necessary so that you could run that command and it'll do the same thing. When I tried it with $Something18$, it printed:
+ ldapadd -H ldap://localhost -x -w '$Something18$' -D dn=cn=Admin -f /tmp/file.ldif
...其中的单引号表示直接传递其中的内容,而不进行解析.它也可能会打印以下任何等效命令:
...where the single-quotes mean that what's inside them is passed directly, with no parsing. It could also have printed any of the following equivalent commands:
+ ldapadd -H ldap://localhost -x -w \$Something18\$ -D dn=cn=Admin -f /tmp/file.ldif
+ ldapadd -H ldap://localhost -x -w "\$Something18\$" -D dn=cn=Admin -f /tmp/file.ldif
+ ldapadd -H ldap://localhost -x -w $'$Something18$' -D dn=cn=Admin -f /tmp/file.ldif
,因此您必须获取打印出的内容,并弄清楚bash将如何解析该内容,以便确定实际传递给ldapadd的内容.但是至少它会为您提供有关实际情况的一些信息.
so you have to take what it prints, and figure out how that'd be parsed by bash, in order to figure out what's actually being passed to ldapadd. But at least it'll give you some information about what's actually happening.
哦,您可能会注意到DN参数没有被双引号引起来.那是因为它不包含任何特殊字符,所以双引号没有做任何事情,因此就将它们省略了.
Oh, and you may notice that the DN argument isn't being double-quoted. That's because it doesn't contain any special characters, so the double-quotes aren't doing anything, so it just left them off.
这篇关于在Bash Shell中获取并使用带有特殊字符的密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
