Robert Spangler wrote: > On Wed November 14 2007 14:41, James A. Peltier wrote: > >> Completely off topic, but I'm sure someone out there is using scripts >> that require a sudo password of some sort, so I'll ask. >> >> What are people doing to automate tasks that required sudo passwords in >> order to run? sudo without a password is not an option for me, but I >> would like to be able to enter the password once have it saved and then >> read back when sudo is required. > > Question for you then, why is sudo without a password not an option? Because it makes the maintanance of our already very large sudoers file that much more complex. Many of my users want to be able to do this not just one or two. They want to do it for various tasks not just some subset of tasks (ie sudo which is outlined here). I probably should have been more precise > Check the man pages of sudoers. It is possible to setup a sudo user that is > only allowed to run a set of command. This in effect only allows the user to > run that one program (or as many as you setup) as sudo and no other. I was already well aware of that option but it doesn't work here. > This has to be better then reading a password file that is lying around on a > disk somewhere. The password would not be kept on disk as was pointed out in my first e-mail. The user would be prompted *once* for the password which would then be passed to any number of tasks. A good example would be a clusterssh session that requires a password to authenticate against some software such as sudo. I think I'm going to have to look into expect or python-pexpect to accomplish what I want, but thought I would just put it out there to see what others are doing or have done. -- James A. Peltier Technical Director, RHCE SCIRF | GrUVi @ Simon Fraser University - Burnaby Campus Phone : 778-782-3610 Fax : 778-782-3045 Mobile : 778-840-6434 E-Mail : jpeltier at cs.sfu.ca Website : http://gruvi.cs.sfu.ca | http://scirf.cs.sfu.ca MSN : subatomic_spam at hotmail.com