On Mon, Oct 7, 2013 at 10:51 PM, Tim Dunphy bluethundr@gmail.com wrote:
Hey guys,
I'm trying to write a simple bash script that will cp a configuration file to a backup (with the date) remotely to a bunch of machines, using sudo with ssh.
I notice that if I run the commands individually, they both work (albeit with some strange output I'd like to suppress):
[tdunphy@MIAGRBISSH01V ~]$ ssh -q -t -t -t MIAGRBIORCA00V sudo -S 'cp -v /data/solr-4.3.1/zoe/etc/logback.xml /tmp/logback.xml-${i}-$(date +%Y%m%d).bak' <<EOF
secret_sauce EOF
tcgetattr: Inappropriate ioctl for device `/data/solr-4.3.1/zoe/etc/logback.xml' -> `/tmp/logback.xml--20131007.bak'
[tdunphy@MIAGRBISSH01V ~]$ ssh -q -t -t -t MIAGRBIORCA00V sudo -S 'ls -l /home/tdunphy/logback.xml-${i}-$(date +%Y%m%d).bak' <<EOF
secret_sauce EOF
tcgetattr: Inappropriate ioctl for device -rw-r--r-- 1 root root 3372 Oct 7 22:07 /home/tdunphy/logback.xml--20131007.bak
The best part of the above is that I am passing my password (secret_sauce - not my real one for obvious reasons) to sudo and having the command executed.
One thing I'd like to be able to figure out is how to suppress this message, which is a little distracting and useless to the process:
tcgetattr: Inappropriate ioctl for device
But more importantly, when I try to pop the above two working statements from the command line into a script, the following occurs:
[tdunphy@MIAGRBISSH01V ~]$ for i in MIAGRBIORCA0{0..9}V MIAGRBIORCA1{0..2}V
do
ssh -q -t -t -t $i sudo -S 'cp -v /data/solr-4.3.1/zoe/etc/logback.xml
/tmp/logback.xml-${i}-$(date +%Y%m%d).bak' <<EOF
secret_sauce EOF
ssh -q -t -t -t $i sudo -S 'ls -l /home/tdunphy/logback.xml-${i}-$(date
+%Y%m%d).bak' <<EOF
secret_sauce EOF
done
tcgetattr: Inappropriate ioctl for device `/data/solr-4.3.1/zoe/etc/logback.xml' -> `/tmp/logback.xml--20131007.bak' tcgetattr: Inappropriate ioctl for device -rw-r--r-- 1 root root 3372 Oct 7 22:07 /home/tdunphy/logback.xml--20131007.bak tcgetattr: Inappropriate ioctl for device [sudo] password for tdunphy:
For some reason the <<EOF password EOF routine is not working to provide the password to sudo the way I was able to when running the commands individually.
Any thoughts on how I should be going about this?
2 things I'd consider (and yes, before someone starts that 'that's not nearly secure enough!' debate, 1 isn't great security, but every place has different levels of acceptable, so it might pass for some while it'd never fly for others) 1. change your ID/to an ID that doesn't have to supply a password to sudo commands e.g. has the NOPASSWD option set in sudoers file. 2. change up to expect. it's a little wonky and different from other scripting languages, but it's really made for this sort of thing.