Hello all once again...

I'm managing around 20 or so solaris and redhat boxes. I've setup a management server and need to create a deploy script.

I've got most of it going, except for some very important logic.

I am not able to ssh to any of the boxen as root, a given company policy based on Sarbanes Oxley compliance. For this reason, I cannot scp directly as root.

I have to deploy several files and the only way to do such is with root privledges. Can i feed su a password directly on the command line?

I know, if running ps, that password is known, however, I do intend to wrap it with a different script.

No documentation I have found details this, but wanted to know if anyone knew how.

I have to deploy several files and the only way to do such is with root privledges. Can i feed su a password directly on the command line? Not using pipes, because su checks that its input is coming from a terminal

You can do it with expect, although that probably isn't a great idea (anyone with read permission to the script will know the password...).

You would be better off using sudo.

In /etc/sudoers..



frankb ALL=NOPASSWD: /bin/command,/sbin/comman2,/usr/local/sbin/command3

Thank you both. Sudoers it is, just have to redo some logic in the wrapper scripts. I appreciate it tremendously!

You could also setup a rsync server and then have the root account on the server pull down the files. The rysnc client could run out of cron and update whenever there was new files posted. This would avoid the need for a login.