Problems with Sudo Inside Expect Script

Problems with sudo inside expect script

Try to give complete path for these files and check once.

cp /path/oraenv /path/coraenv /path/sqlplus /path/dbhome /usr/bin

Enter sudo password while in expect script

The answer from Donal Fellows is the right way to go, but for completeness here is the interact solution you were trying for. The command to use is

expect {
    "Input 1" { send -- "$env(input1)\r"; exp_continue }
    "Input 2" { send -- "$env(input2)\r"; exp_continue }
    "password for" { stty -echo
                    interact -u tty_spawn_id -o "\r" return
                    stty echo
                    exp_continue }
    eof
}

The problem you have is that you are running expect with the script on stdin, so interact has trouble unless you use -u tty_spawn_id to get it to work with /dev/tty and the user. You need to set the echo on/off on this tty explicitly, as sudo will only have done it on the pty between the spawned command and expect.

issue in logging in as sudo user

expect "[sudo] password for USER:"

That uses square brackets, which are Tcl's mechanism for command substitition. You have to either escape the leading bracket, or use Tcl's non-interpolating quotes: one of

expect "\[sudo] password for USER:"
# or
expect {[sudo] password for USER:}

use expect to enter password when need sudo in script

You have too many quotes. Choose one of:

expect {\[sudo\] password for odroid: }
expect "\\\[sudo\\\] password for odroid: "

Clearly the first option is better.

Lots of escaping is necessary because 1) square brackets are special in a glob pattern, and 2) square brackets are special Tcl syntax (command substitution) in double quotes but not in curly braces.

Trouble logging in user using su and expect script

First of all, here's the correct way to do what you want to do:

1. Give your web server user sudo permissions to run ./website/calcgrade.sh as any user, without requiring a password.
2. Have the web server authenticate the user however you see fit.
3. Have it run sudo -u someuser ./website/calcgrade.sh, no password required.

---

Now let's look at why your approach didn't work:

It's commonly believed that su switches user. This is not the case. It actually starts a new shell running as another user.

This means that you can't spawn su otheruser, let it finish, and then afterwards spawn calcgrade.sh.

Instead you have to run su otheruser, and then send commands to the shell that su starts:

#!/usr/bin/expect 

log_user 0

spawn /bin/su someuser 
expect "Password: "
send "somepassword\n" 

# Now wait for a prompt and send the command to run
expect "$"
send "./website/calcgrade.sh\n"
interact

Expect script is running only one command and displays an error

The read command grabs the file contents with a trailing newline. Then, when you split on newlines, the list has a trailing element that is an empty string. Use one of these:

set f [open "servers.txt"]
set hosts [split [read -nonewline $f] "\n"]
# .....................^^^^^^^^^^
close $f
foreach host $hosts { ...

or

set f [open "servers.txt"]
while {[gets $f host] != -1} {
    spawn ssh ...
}
close $f

sudo won't work in shell

The single quotes in

sudo -H -u otheruser bash -c '${START_SCRIPT}'

prevent the shell from expanding the $. Simply use double quotes:

sudo -H -u otheruser bash -c "${START_SCRIPT}"

Error using expect to execute shell script

expect eof is still subject to the timeout. The script is probably taking longer than 10 seconds to complete. I'd suggest set timeout -1

---

Obviously I don't know what the script is doing, but maybe you don't need expect for this: Try sending the responses to the script's stdin

printf '%s\n' "Seattle" "{{ elevated }}" "{{ elevated_pass }}" | sudo ./addto-AD

---

Related Topics