0

I have Ubuntu 15.10. I wrote a shell script to execute multiple commands, which are:

Log in to root " root@dalya-B5400:/home/hduser ", enter the snort directory, start IDS mode, convert the captured packets to text format, and finally log out of this directory and root. Then log in to the hadoop user " root@dalya-B5400:/home/hduser ", start all processes and send the snort log file to hadoop.

I'm in the account " hduser@dalya-B5400 ", which is the normal user. I need to run some commands as this user: " root@dalya-B5400:/home/hduser ", so I used $ sudo su and logged in to it. After finishing my job there, I want to return to the normal user " hduser@dalya-B5400 ".

My script worked until the switch from root to the hadoop user. Here I faced a problem. I used these commands (one at a time):

$ su - & sshpass -p password ssh -o StrictHostKeyChecking=no hduser@dalya-B5400
$ sudo -iu hduser
$ sudo su - hduser

It logged in to the hadoop user, but after that it exited without executing the rest of the commands after it.

I also tried to call a second shell script from the current one, but it gave the same result and didn't open the normal user.

My primary shell script is named snort-command and it contains this:

#!/bin/bash
cd ~/snort5_src
cd snort-2.9.9.0
snort -dev -n 20 -l /home/hduser/log9 -b -c /etc/snort5/snort.conf
chmod a+rwx /home/hduser/log9/snort.log.*
tcpdump -n -tttt -r /home/hduser/log9/snort.log.* > /home/hduser/log9/bigfile2.txt
sshpass -p password ssh -o StrictHostKeyChecking=no hduser@dalya-B5400
/home/hduser/hadoop

and the second shell script is named hadoop and contains:

#!/bin/bash
/usr/local/hadoop/bin/start-all.sh
hadoop fs -put /home/hduser/log9/bigfile2.txt user/hduser/li

I also tried to open a new terminal from the current one:

$ gnome-terminal

But it also opens as the current user, not the normal one.

Any suggestions?

Dalya

3 Answers

1

You can log in using a normal user through SSH and then execute commands as root (you will need to make sure that your normal user is in sudoers) using the following command, for example:

sshpass -p 'mynormaluserpassword' ssh -o StrictHostKeyChecking=no mostafa@remotehost "whoami && id ; echo 'mynormaluserpassword' | sudo -S sh -c 'whoami; id; echo Hello from root user'"

The result will be as follows:

mostafa
uid=1033(mostafa) gid=1033(mostafa) groups=1033(mostafa)
[sudo] password for mostafa: root
uid=0(root) gid=0(root) groups=0(root)
Hello from root user

Explanation:

  1. I logged in using a normal user called mostafa
  2. I executed whoami then id, which printed these results:

    mostafa
    uid=1033(mostafa) gid=1033(mostafa) groups=1033(mostafa)

  3. I executed another 3 commands 'whoami; id; echo Hello from root user' but using sudo, which is equivalent to the root user, and the result was as follows:

    root
    uid=0(root) gid=0(root) groups=0(root)
    Hello from root user

Also, in order to use sudo I have to type a password (unless you configured it to work passwordless) using echo 'mynormaluserpassword' | sudo -S, and then I used sh -c 'whoami; id; echo Hello from root user' to pass all the commands I need to execute as root.

So any root commands you need to execute could be added in here: echo 'mynormaluserpassword' | sudo -S sh -c 'echo Hello from root user'"

Mostafa Hussein
  • I tried all you wrote, it didn't work. I found out the main problem was because I started hadoop at the same time as the job execution, and this led to errors in my script. Thank you for your help :)) – Dalya May 22 '17 at 03:37
  • If you tried the same examples as provided it should work, as I have tested it on a server. And yes, it may not work with different commands, as the code itself may need some modifications in that case (for example, output redirection might cause an issue with my code, but I have not tested it in this case). Sorry I wasn't able to repeat the same steps as you; I wanted to get a clear picture of your situation first :D. So have you solved the issue or not yet? – Mostafa Hussein May 22 '17 at 03:45
  • 1
    It didn't work because my setup is different (commands in different users), and also because I added the command that starts hadoop in the script, while I must start hadoop before that. Yes, I finally fixed it :D – Dalya May 22 '17 at 03:52
1

I solved this issue with these steps:

1- Add sudo to the snort commands without logging in to the root user, so I don't need to log out later.

sudo snort -dev -n 20 -l /home/hduser/log9 -b -c /etc/snort5/snort.conf
sudo chmod a+rwx /home/hduser/log9/snort.log.*
sudo tcpdump -n -tttt -r /home/hduser/log9/snort.log.* > /home/hduser/log9/bigfile2.txt

And to run it without a password, add this line with visudo:

hduser ALL=(ALL) NOPASSWD: ALL

2- At this point it worked until I sent the file to hadoop; it gave a message that says:

nameNode in safe mode

I found out the problem was because the job was running before the namenode was out of safe mode after startup. So I started the hadoop process a few minutes before executing the script and it worked fine.

Dalya
  • Hint: you can also limit the permission of `hduser` instead of allowing him to use any command on your system – Mostafa Hussein May 22 '17 at 03:48
  • Check this [Name node is in safe mode. Not able to leave](http://stackoverflow.com/questions/15803266/name-node-is-in-safe-mode-not-able-to-leave) as it might be a similar issue – Mostafa Hussein May 22 '17 at 03:49
  • I also did: hadoop dfsadmin -safemode leave, and it didn't fix the problem. I fixed it now by running hadoop before executing the script. – Dalya May 22 '17 at 04:02
  • How can I limit the permission of hduser? I added this: hduser ALL=(ALL) NOPASSWD: ALL, to make it execute the script without asking for a password. – Dalya May 22 '17 at 04:06
  • can I ask you what is your specialty? – Dalya May 22 '17 at 04:13
  • 1
    In `hduser ALL=(ALL) NOPASSWD: ALL` the last `ALL` means he can use all commands without typing the password. For example, if you want to allow him to use the tcpdump command only, you can do `hduser ALL=(ALL) NOPASSWD: /usr/bin/tcpdump` (to get the full path of tcpdump on your system type `whereis tcpdump`). Check this [article](http://ask.xmodulo.com/use-sudo-without-password-prompt-linux.html) and also this [question](https://unix.stackexchange.com/questions/44557/how-to-restrict-to-run-commands-in-specific-directory-through-sudoers) – Mostafa Hussein May 22 '17 at 04:14
  • linux system administrator :D or so they say \o/ :'D – Mostafa Hussein May 22 '17 at 04:15
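
How to limit hduser, as asked in the comments above: this added example (not code from the original posts) builds a sudoers drop-in that grants only the listed commands and checks it with visudo -cf before installing it. The snort binary path, the drop-in file name and the function names are assumptions.

```sh
#!/bin/sh
# Added example: generate a least-privilege sudoers drop-in instead of
# "hduser ALL=(ALL) NOPASSWD: ALL". Function names are hypothetical.

# True only if $1 contains nothing that sudoers treats specially
# (wildcards, ':', ',', '=', '\', '#', newlines are all refused).
plain() {
    [ "$(printf '%s' "$1" | LC_ALL=C tr -d 'A-Za-z0-9_./ -' | wc -c)" -eq 0 ]
}

# Print one rule per command spec ("/abs/path [exact arguments]").
make_rules() {
    user=$1; shift
    case $user in
        ''|*[!a-z0-9_-]*) echo "bad user name: $user" >&2; return 1 ;;
    esac
    for spec in "$@"; do
        case $spec in
            /*) ;;   # must be an absolute path, so a bare ALL is refused
            *)  echo "not an absolute path: $spec" >&2; return 1 ;;
        esac
        plain "$spec" || { echo "wildcard or metacharacter in: $spec" >&2; return 1; }
        printf '%s ALL=(root) NOPASSWD: %s\n' "$user" "$spec"
    done
}

# Validate the generated rules, then install them with the owner and mode
# sudo expects. Run as root. The file name is an assumed placeholder.
install_rules() {
    user=$1; shift
    tmp=$(mktemp) || return 1
    if make_rules "$user" "$@" > "$tmp" && visudo -cf "$tmp"; then
        install -o root -g root -m 0440 "$tmp" "/etc/sudoers.d/${user}-snort"
        rc=$?
    else
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Usage, as root (snort path assumed; confirm with `command -v snort`):
#   install_rules hduser "/usr/sbin/snort -dev -n 20 -l /home/hduser/log9 -b -c /etc/snort5/snort.conf"
```

A rule that names only a path allows any arguments to that command, so pin the full argument list where you can. Wildcards are refused because `*` in sudoers arguments also matches spaces, which lets extra arguments through.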
0

I'm not 100% certain I understand all of your description correctly, but I think what you're trying to say is that the remote part of the command isn't happening? Is /home/hduser/hadoop your second script?

If yes, this should do the job:

cd ~/snort5_src
cd snort-2.9.9.0
snort -dev -n 20 -l /home/hduser/log9 -b -c /etc/snort5/snort.conf
chmod a+rwx /home/hduser/log9/snort.log.*
tcpdump -n -tttt -r /home/hduser/log9/snort.log.* > /home/hduser/log9/bigfile2.txt
sshpass -p hadoop ssh -o StrictHostKeyChecking=no hduser@dalya-B5400 /home/hduser/hadoop

The problem being that you just connect to the remote machine, and it knows nothing of what's in the local script after that :)

tink
  • Yes, the problem is I can't connect to the local machine again from this script. I did as you said but it didn't work :l – Dalya May 20 '17 at 21:00
  • @Dalya do you know why you cannot log in to the server again? Does this command return any errors? `sshpass -p hadoop ssh -o StrictHostKeyChecking=no hduser@dalya-B5400 /home/hduser/hadoop` Can you execute the same command manually? – Mostafa Hussein May 21 '17 at 00:17
  • @Mostafa Hussein, because I logged in to root, and after that I need to execute commands as the local user. So I need a way to log in to the normal user from the shell script and continue to execute the commands after it in the shell. sshpass -p hadoop ssh -o StrictHostKeyChecking=no hduser@dalya-B5400 /home/hduser/hadoop worked to log in to the local user and execute just the first command in the second script, and for the second command it gives this message: ./hadoop.sh: line 3: hadoop: command not found, which I think means it did not log in to the local user in the right way. – Dalya May 21 '17 at 01:30