calling system command as another user

G

Gary Perkins

Howdy People,

I am not a Perl guy and have to make some code work. We have a password
reset facility that is Perl cgi based and simply generates a password,
writes it to an email and the passwd.txt file for the system we run. This
all works great except we then need to call a command to relod the password
file but as another user.

I have
my $reloadcmd = "su - ariba -c
\"/u01/app/AribaBuyer7/CoreServer/serverMonitor -host buy_test -username
aribasystem -password password -runTask ReloadPasswordFile -partition
wespar\"";

$reloadcmd =~ s/[\n]|[\r]//gi;

system($reloadcmd);


It doesnt appear to work at all. Have I escaped the quotes incorrectly, I
logged it to a text file and the command is coming out OK....I think?

The actual command that I know works is;
/u01/app/AribaBuyer7/CoreServer/serverMonitor -host buy_test -username
aribasystem -password password -runTask ReloadPasswordFile -partition wespar

Thanks
Gary
 
G

Gary Perkins

This works when I run it as a stand alone perl script just not when called
via CGI??

Cheers
Gary
 
G

Gary Perkins

More info....

This works...system("ls -l >> $logfile");

but this doesnt system("su - username -c \"ls -l >> $logfile\"");

The script is been called from iPlanet and nothing gets logged in the errors
file when it doesnt work, it like the command gets passed over.



Thanks heaps
Gary

Gary Perkins said:
This works when I run it as a stand alone perl script just not when called
via CGI??

Cheers
Gary
Gary Perkins said:
Howdy People,

I am not a Perl guy and have to make some code work. We have a password
reset facility that is Perl cgi based and simply generates a password,
writes it to an email and the passwd.txt file for the system we run. This
all works great except we then need to call a command to relod the password
file but as another user.

I have
my $reloadcmd = "su - ariba -c
\"/u01/app/AribaBuyer7/CoreServer/serverMonitor -host buy_test -username
aribasystem -password password -runTask ReloadPasswordFile -partition
wespar\"";

$reloadcmd =~ s/[\n]|[\r]//gi;

system($reloadcmd);


It doesnt appear to work at all. Have I escaped the quotes incorrectly, I
logged it to a text file and the command is coming out OK....I think?

The actual command that I know works is;
/u01/app/AribaBuyer7/CoreServer/serverMonitor -host buy_test -username
aribasystem -password password -runTask ReloadPasswordFile -partition wespar

Thanks
Gary
 
G

Gary Perkins

If I dont use the su- for my command it actually works but doesnt return.
The web page just hangs and eventually times out.

Sorry for the multipart post but I keep trying things.

Cheers
Gary
Gary Perkins said:
More info....

This works...system("ls -l >> $logfile");

but this doesnt system("su - username -c \"ls -l >> $logfile\"");

The script is been called from iPlanet and nothing gets logged in the errors
file when it doesnt work, it like the command gets passed over.



Thanks heaps
Gary

Gary Perkins said:
This works when I run it as a stand alone perl script just not when called
via CGI??

Cheers
Gary
Gary Perkins said:
Howdy People,

I am not a Perl guy and have to make some code work. We have a password
reset facility that is Perl cgi based and simply generates a password,
writes it to an email and the passwd.txt file for the system we run. This
all works great except we then need to call a command to relod the password
file but as another user.

I have
my $reloadcmd = "su - ariba -c
\"/u01/app/AribaBuyer7/CoreServer/serverMonitor -host buy_test -username
aribasystem -password password -runTask ReloadPasswordFile -partition
wespar\"";

$reloadcmd =~ s/[\n]|[\r]//gi;

system($reloadcmd);


It doesnt appear to work at all. Have I escaped the quotes
incorrectly,
 
B

bm

Gary Perkins said:
This works when I run it as a stand alone perl script just not when called
via CGI??

Your CGI probably runs as the user 'nobody'. 'nobody' probably does
not have permissions to update your password file.

In which case you need to look at running your script under setuid,see
'man setuid' on your web server.

More importantly though, you need to look at "perldoc perlsec".
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top