|-||Like su -. This switch will load the environment of the user you become, rather than retaining yours.|
If this switch is given
along with a username, sudoshell will ask sudo to give the ss
user the identity of the user named with the -u switch. If no -u
switch is given, sudoshell will ask for a root shell.
sudoshell -u oracle
The idea of running shells as users other than root came from Donny Jekels.
Most root tasks can be accomplished with sudo without running a shell. However certain tasks, such as running privileged commands in a pipeline, can be more difficult using sudo. Since sudo sometimes prompts for a password (depending on how long ago the user last authenticated) you can run into quirky situations like this:
hbo@egbok|509> sudo ls | sudo more Password:Password:(enter password) (enter password) #sudoshell# CVS sudoscriptd sudoscriptd~ sudoshell sudoshell~ hbo@egbok|510>
In this case we get two password prompts, right on top of one another. We enter the password for the first prompt, and sudo waits for the next one. Since the prompt is on the preceding line, this can be very confusing.
Another place sudo has difficulty is with I/O redirection:
hbo@egbok|511 > ls -l /tmp/foo -r--r--r-- 1 root other 1464 Mar 25 13:10 /tmp/foo hbo@egbok|512 > sudo ls >>/tmp/foo bash: /tmp/foo: Permission denied hbo@egbok|513 > sudo ls | sudo cat >>/tmp/foo bash: /tmp/foo: Permission denied
But this works:
hbo@egbok|514 > sudo ls | sudo tee -a /tmp/foo >/dev/null
Its not very intuitive, however.
The problem occurs because the shell implements I/O redirection before it invokes the command, which is sudo, NOT ls.
Globbing has problems for the same reason. But in this case, theres no good workaround, short of letting the user run a shell:
hbo@egbok|515 > mkdir fff hbo@egbok|516 > chmod 700 fff hbo@egbok|517 > touch fff/foo hbo@egbok|518 > sudo chown root fff Password: hbo@egbok|519 > cd fff bash: cd: fff: Permission denied hbo@egbok|520 > sudo cd fff sudo: cd: command not found hbo@egbok|521 > sudo rm fff/* rm: cannot remove `fff/*: No such file or directory
The cd fails because cd is a bash builtin, and sudo doesnt know anything about it. The globbing fails because the shell tries to expand the wildcard before executing the command, which is sudo, not rm.
Please let me know if you find any.
The following people offered helpful advice and/or code:
Dan Rich (drich@emplNOoyeeSPAMs.org) Alex Griffiths (dag@unifiedNOcomputingSPAM.com) Bruce Gray (bruce.gray@aNOcSPAMm.org) Chan Wilson (cwilson@coNrOp.sSgPi.cAoMm> Tommy Smith (tsNmOith@eSaPtAeMl.net) Donny Jekels (donny@jNOeSkPeAlMs.com
Howard Owen, <email@example.com>
Copyright 2002,2003 by Howard Owen
sudoscript is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
|perl v5.20.3||SUDOSHELL (1)||2016-03-17|