使用su和Expect脚本登录用户时出现问题 [英] Trouble logging in user using su and expect script
问题描述
我正在为您使用用户名和密码登录的班级创建网站,然后将您带到显示班级成绩的页面.
I am working on making a website for a class that you log into with a username and password, and then it takes you to a page that shows your grades in the class.
该网站使用 bash脚本运行,并将托管在用户使用的计算机上已经具有用于登录的用户名和密码.
The website is being run with a bash script, and will be hosted on a machine where the users already have a username and password to login.
我还有一个名为calcgrade.sh
的脚本,它将为当前登录的用户或作为参数传递给脚本的用户计算成绩.
I also have a script called calcgrade.sh
that will calculate the grades for either the user who is currently logged in, or the user passed to the script as an argument.
因此,最初,我将使用此命令:
So originally, I was going to use this command:
echo -e "$password\n" | sudo -Sk -u $user ./website/calcgrade.sh
以网站用户身份运行calcgrade.sh
.但是,我发现sudo
要求输入当前 登录用户的密码,而不是您要尝试以以下方式运行命令的 target 用户的密码.
to run calcgrade.sh
as the user of the website. However, I found out that sudo
asks for the password of the user who is currently logged in, not the target user you are trying to run a command as.
因此,经过阅读后,我发现一个更好的选择是将su
与expect
脚本一起使用,但是我无法使其正常工作.这是expect
脚本的代码(当前,用户名和密码已进行硬编码以进行测试):
So after some reading, I found a better option would be to use su
with an expect
script, but I can't get it to work. Here is the code for the expect
script (currently username and password are hard coded in for testing):
#!/usr/bin/expect
log_user 0
spawn /bin/su myusername
expect "Password: "
send "mypassword"
spawn "./website/calcgrade.sh"
interact
当我运行此脚本时,它似乎没有使用su
登录用户,因为它继续使用我的帐户而不是用户帐户运行calcgrade.sh
.
When I run this script, it doesn't seem to log in the user with su
, as it goes on to run calcgrade.sh
with my account, rather than the user's.
您看到我的脚本出了什么问题吗?还是可以看到一种更好的方式来做我想做的事?
Do you see what is wrong with my script? Or can you see a better way to do what I want?
此外,此方法的另一个问题是calcgrade.sh
应该发送一些输出到stderr
,但是当我使用expect
脚本运行它时,错误消息将发送到网站(服务器正常工作通过将网站的html发送到stdout
).有没有解决的办法,还是最好让expect
脚本只是用su
检查用户名/密码是否正确,如果正确,然后再运行./calcgrade.sh $user
?
Also, another problem with this method is that calcgrade.sh
is supposed to send some output to stderr
, but when I run it with the expect
script, the error messages get sent to the website (the server works by sending the html for the website to stdout
). Is there a way around this, or might it be better to have the expect
script just check with su
if username/password is correct, and then if so, then run ./calcgrade.sh $user
afterwards?
推荐答案
首先,这是做您想做的正确方法:
First of all, here's the correct way to do what you want to do:
- 授予您的Web服务器用户
sudo
权限,使其能够以任何用户身份运行./website/calcgrade.sh
,而无需输入密码. - 让Web服务器对用户进行身份验证,但是您认为合适.
- 让它运行
sudo -u someuser ./website/calcgrade.sh
,不需要密码.
- Give your web server user
sudo
permissions to run./website/calcgrade.sh
as any user, without requiring a password. - Have the web server authenticate the user however you see fit.
- Have it run
sudo -u someuser ./website/calcgrade.sh
, no password required.
现在让我们看看为什么您的方法不起作用:
Now let's look at why your approach didn't work:
通常认为su
会切换用户.不是这种情况.实际上,它启动了一个以其他用户身份运行的新Shell.
It's commonly believed that su
switches user. This is not the case. It actually starts a new shell running as another user.
这意味着您无法生成su otheruser
,让它完成,然后再生成calcgrade.sh
.
This means that you can't spawn su otheruser
, let it finish, and then afterwards spawn calcgrade.sh
.
相反,您必须运行su otheruser
,然后将命令发送到su
启动的外壳程序:
Instead you have to run su otheruser
, and then send commands to the shell that su
starts:
#!/usr/bin/expect
log_user 0
spawn /bin/su someuser
expect "Password: "
send "somepassword\n"
# Now wait for a prompt and send the command to run
expect "$"
send "./website/calcgrade.sh\n"
interact
这篇关于使用su和Expect脚本登录用户时出现问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!