[英]Python Fabric Sudo su - user
I currently do the following from the command line:我目前从命令行执行以下操作:
$ ssh myuser@remote-server
password:
[myuser@remote-server ~]$ sudo su - dev_user
[dev_user@remote-server ~]$ whoami
dev_user
[dev_user@remote-server ~]$
No permission issue.没有权限问题。
The myuser has enough permission to do what typed above, but it does not have permission to do sudo su -c whoami dev_user myuser 有足够的权限来执行上面输入的操作,但它没有权限执行 sudo su -c whoami dev_user
I tried the following code我尝试了以下代码
from fabric import Connection, task
@task
def abcd(ctx):
sudo_pass = getpass.getpass("What's your sudo password?")
config = Config(overrides={'sudo': {'password': sudo_pass}})
with Connection('dev-server', user='myuser', connect_kwargs={"password": sudo_pass}, config=config) as c:
c.sudo('/bin/bash -l -c whoami', user='dev_user')
I get the following output:我得到以下输出:
fab abcd
What's your sudo password?
[sudo] password: Sorry, user myuser is not allowed to execute '/bin/bash -l -c whoami' as dev_user on dev-server.
Is there a way to get fabric do what I did from the command line?有没有办法让面料做我从命令行做的事情?
Editing the sudoers file is not an option.编辑 sudoers 文件不是一种选择。
The remote server is Linux RH 7.6.远程服务器是 Linux RH 7.6。
Thank you.谢谢你。
The following works: 以下作品:
c.run("echo 'whoami' | sudo su - dev_user")
c.run("echo 'cd /some/directory && ./somescript.sh' | sudo su - dev_user")
With paython 3x
and fabric 2.4.0
you could use it like this 使用paython 3x
和fabric 2.4.0
您可以像这样使用它
install fabric using pip pip3 install fabric>=2.4.0
使用pip pip3 install fabric>=2.4.0
from fabric import Connection as connection, task
@task
def executeTask(ctx):
with connection(host=dev_server, user=myuser) as c:
c.run('sudo su - dev_user')
Place this code in a file called fabfile.py and run it by executing this command from your command-line fab executeTask
. 将此代码放在名为fabfile.py的文件中,并通过命令行fab executeTask
执行此命令来运行它。
Yes, you can use sudo
with a user=
argument, to use sudo to switch to another user, just like you are doing in the shell: 是的,你可以使用sudo
和user=
参数,使用sudo切换到另一个用户,就像你在shell中做的那样:
from fabric import Connection
c = Connection('host')
c.sudo('/bin/bash -l -c whoami', user='dev_user')
sudo accepts additional
user
andgroup
arguments, which are passed to sudo and allow you to run as some user and/or group other than root. sudo接受其他user
和group
参数,这些参数传递给sudo并允许您作为除root之外的某个用户和/或组运行。 On most systems, the sudo program can take a string username/group or an integer userid/groupid (uid/gid); 在大多数系统上,sudo程序可以使用字符串username / group或整数userid / groupid(uid / gid);user
andgroup
may likewise be strings or integers.user
和group
同样可以是字符串或整数。
http://docs.fabfile.org/en/1.14/api/core/operations.html?highlight=sudo#fabric.operations.sudo http://docs.fabfile.org/en/1.14/api/core/operations.html?highlight=sudo#fabric.operations.sudo
The above solution will only work if you can run sudo
without entering your password. 只有在不输入密码的情况下运行sudo
,上述解决方案才有效。 If your account, myuser
requires a password to run sudo
, then you can prompt for that password, and pass it to fabric
's config: 如果您的帐户myuser
需要密码才能运行sudo
,那么您可以提示输入该密码,并将其传递给fabric
的配置:
import getpass
from fabric import Connection, Config
sudo_pass = getpass.getpass("What's your sudo password?")
config = Config(overrides={'sudo': {'password': sudo_pass}})
c = Connection('host', config=config)
c.sudo('/bin/bash -l -c whoami', user='dev_user')
http://docs.fabfile.org/en/2.3/getting-started.html#the-sudo-helper http://docs.fabfile.org/en/2.3/getting-started.html#the-sudo-helper
One final idea: 最后一个想法:
from fabric import Connection, Config
config = Config(overrides={'sudo': {'user': 'sudo_user'}})
c = Connection('host', config=config)
c.sudo('whoami')
Note that no sudo password is provided in this case, but a user
is, in the Config
setup. 请注意,在这种情况下,没有提供sudo密码,但在Config
设置中, user
是。 And c.sudo
is changed back to a simple c.sudo('whoami')
. 然后c.sudo
变回简单的c.sudo('whoami')
。 This should be interpreted as sudo su - sudo_user
by Fabric. 这应该被Fabric解释为sudo su - sudo_user
。
你可以这样尝试:
conn.run("sudo su root -c 'cd /some/directory && ls -la && ./somescript.sh'")
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.