cruxpot
2016-02-12 00:52:42 UTC
Hello,
I am running latest fabric against a Solaris 10 host and I am running into
an issue with the way fabric puts shell commands together when changing the
sudo_prompt to "su -c". This seems to work fine in Linux, but on Solaris,
the root user's login shell is set to /sbin/sh by default and "sh -c" is
prepended to the commands when looking at the system.
env.shell is set to "bash -c"
In my code, it looks like this. I log in as an unprivileged user.
with settings(password=self.su_password, passwords={},
sudo_prefix="su %s -c " % self.su_user,
sudo_prompt=self.su_prompt):
result = sudo(command)
When I do a ps listing, I see something like this but I took out the cd and
PATH setting parts of the command for brevity:
sh -c su root -c bash -c "id"
When you run this, the second -c parameter does not get recognized, and it
never actually executes bash at all and so you just get a root prompt.
$ sh -c su root -c bash -c "id"
Password:
#
Here is what it does in fabric:
2016-02-11 19:18:42,890 - root - DEBUG - Executing command with 'su'
credentials from user user.
[***@XXXXX] sudo: id
[***@XXXXXX] out: Could not chdir to home directory /home/user: No such
file or directory
[***@XXXXXX] out: Password:
[***@XXXXXX] out: #
It breaks into a root shell where I can interactively type commands. :)
This sh -c stuff works however with two types of quotes on the command line
to properly escape which fabric isn't doing in this case:
sh -c 'su root -c "bash -c id"'
Password:
uid=0(root) gid=0(root)
Is there a way to control the quotes or not use "sh -c" in front of the
fabric commands in Solaris 10? Changing root's shell did not help. Someone
said that the SSH daemon may be doing executing sh -c. This is a stock
Solaris 10 build on a SPARC platform but x86 is probably the same. I am
trying to do this without altering the system configuration, only fabric's
settings.
Thanks.
I am running latest fabric against a Solaris 10 host and I am running into
an issue with the way fabric puts shell commands together when changing the
sudo_prompt to "su -c". This seems to work fine in Linux, but on Solaris,
the root user's login shell is set to /sbin/sh by default and "sh -c" is
prepended to the commands when looking at the system.
env.shell is set to "bash -c"
In my code, it looks like this. I log in as an unprivileged user.
with settings(password=self.su_password, passwords={},
sudo_prefix="su %s -c " % self.su_user,
sudo_prompt=self.su_prompt):
result = sudo(command)
When I do a ps listing, I see something like this but I took out the cd and
PATH setting parts of the command for brevity:
sh -c su root -c bash -c "id"
When you run this, the second -c parameter does not get recognized, and it
never actually executes bash at all and so you just get a root prompt.
$ sh -c su root -c bash -c "id"
Password:
#
Here is what it does in fabric:
2016-02-11 19:18:42,890 - root - DEBUG - Executing command with 'su'
credentials from user user.
[***@XXXXX] sudo: id
[***@XXXXXX] out: Could not chdir to home directory /home/user: No such
file or directory
[***@XXXXXX] out: Password:
[***@XXXXXX] out: #
It breaks into a root shell where I can interactively type commands. :)
This sh -c stuff works however with two types of quotes on the command line
to properly escape which fabric isn't doing in this case:
sh -c 'su root -c "bash -c id"'
Password:
uid=0(root) gid=0(root)
Is there a way to control the quotes or not use "sh -c" in front of the
fabric commands in Solaris 10? Changing root's shell did not help. Someone
said that the SSH daemon may be doing executing sh -c. This is a stock
Solaris 10 build on a SPARC platform but x86 is probably the same. I am
trying to do this without altering the system configuration, only fabric's
settings.
Thanks.