[paramiko] Handling sudo

Justin Cook jhcook at gmail.com
Tue Mar 4 00:44:53 PST 2008 

Yes,

I have it working. I developed a class using some of the code from one
of the demo files. This sudo_command function in the class does not
handle interactive commands, but works well with simply executing a
process as sudo. It's not finished yet and uses logging facility, but
can easily be modified to say, return a file with sterr and stout. It
does return the return code which is useful.

I tried to handle the different use cases of sudo, for instance if the
user does not have a valid timestamp, if the user is not in sudoers
file or if the user has no permissions to execute that command. Also,
this class does not use passwd auth for SSH -- only agent -- but that
can easily be placed in with the demo code quite easily.

Once I have time to actually have this polished off I will submit it
for inclusion in the demo directory with paramiko, but if you want to
use it for now, let me know how you fair. It's pretty straightforward,
you just need your agent running. It's been used on Linux.

[code]
#!/bin/env python2.5

import os
import sys
import getpass
from Connection import *

password = getpass.getpass('Enter password for %s: ' % os.getlogin())
conn = Connection('ttraflonrh20', 22)
try:
     conn.connect(os.getlogin(), password)
except ConnectionError, e:
     print 'Could not connect to host: %s' % str(e)
     sys.exit(-1)
try:
     exitcode = conn.sudo_command('ls -l /root')
except ConnectionError, e:
     print 'Could not execute sudo command: %s' % e
     sys.exit(-1)

print exitcode
sys.exit(0)

[/code]

Yields the following:
$ ./test.py
Enter password for justinc:
0

If you want to retrieve the output you will have to modify the code or
setup the global logging facility in which case all the paramiko and
data returned from the host will be logged to whichever file you
choose. Like I mentioned, it should return an exit code and file
descriptors of stout and sterr so the class will be programmer
friendly.

Obviously, this is still a work in progress such as no close()
function yet, but if you want to just strip out the sudo_command
function and modify it, let me know how you get on.

Cheers,

On Tue, Mar 4, 2008 at 3:14 AM, Jon Sabo <jonathan.sabo at gmail.com> wrote:
> Hey did you get it working?

-- 
Justin Cook
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Connection.py
Url: http://www.lag.net/pipermail/paramiko/attachments/20080304/cf5e75b6/attachment.txt

More information about the paramiko mailing list