Date: Fri, 01 Dec 2006 08:47:02 -0700 From: Ray Still <rastill@shaw.ca> To: Alex Zbyslaw <xfb52@dial.pipex.com> Cc: freebsd-questions@freebsd.org Subject: Re: Fw: Re: problem with script execution Message-ID: <007101c7155f$f1fb6790$6700a8c0@New> References: <004601c71559$f2d645f0$6700a8c0@New> <45704A22.9060100@dial.pipex.com>
next in thread | previous in thread | raw e-mail | index | archive | help
----- Original Message ----- From: "Alex Zbyslaw" <xfb52@dial.pipex.com> To: "Ray Still" <rastill@shaw.ca> Cc: <freebsd-questions@freebsd.org> Sent: Friday, December 01, 2006 8:28 AM Subject: Re: Fw: Re: problem with script execution > Ray Still wrote: > >>>> Just out of curiosity: What is the "echo * |" supposed to do? From my >>>> point of view the shell will expand "*" to the list of files and >>>> directories in PWD, so "echo *" acts like a simple ls in this context. >>>> This list is piped to sudo. But what does sudo do with these? >>> >>> >>> sorry, I didn't want to show my passwords, so I replaced it with an >>> astrix. the password of course is being read from the pipe by sudo >>> because of the -S option. >> > Probably nothing to do with your original problem, but you do know that > you can allow sudo to execute certain commands without a password? > Passwords in shell scripts isn't exactly ideal... I am aware of the security issues, but in this case I think it's the best option because: 1) any one who can login to the machine also knows root passwords. 2) this script lives in a directory that is password protected by apache. 3) I don't like the thought of turning off passwords. so if you can see the script, you won't learn anything you don't already know. am I totally out to lunch? > > E.g. my sudoers has: > > Cmnd_Alias HEALTHD = /usr/local/sbin/healthd > [...] > %wheel ALL=(root) NOPASSWD: SMART_STATUS, HEALTHD, MBMON > > So anyone in group wheel (me :-)) can excecute any of the named commands > without any password. You can also force the flags that will be passed - > the sudoers man page has more details. > > --Alex > > > > > > > -- > No virus found in this incoming message. > Checked by AVG Free Edition. > Version: 7.5.430 / Virus Database: 268.15.2/559 - Release Date: 11/30/2006 > 5:07 AM > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?007101c7155f$f1fb6790$6700a8c0>