0

我的新问题是执行 bash shell 脚本,该脚本在 java 中请求 sudo 权限。我想做的是使用命令行将 ds-389 数据库导出为 ldif 格式,这是使用 ns-slapd db2ldif 命令完成的。这是我在 main 中执行此操作的 java 简单代码:

ProcessBuilder p = new ProcessBuilder("/bin/bash", "example.sh");
final Process process = p.start();

其中 example.sh 位于项目目录中,访问它没有问题。可以肯定的是,我还添加了使用 chmod 777 执行脚本的权限。Example.sh 只有这个:

#!/bin/bash
ns-slapd db2ldif -D /etc/dirsrv/slapd-localhost -n userRoot -s "ou=Group,dc=localdomain" -a /tmp/file.ldif

到目前为止,我尝试使用 visudo 添加以下行:

nobody ALL=(ALL) NOPASSWD: /usr/sbin/ns-slapd
myUSER ALL=(ALL) NOPASSWD: /usr/sbin/ns-slapd
root ALL=(ALL) NOPASSWD: /usr/sbin/ns-slapd 
bin ALL=(ALL) NOPASSWD: /usr/sbin/ns-slapd 
myUSER ALL = NOPASSWD: /usr/bin/java 
root ALL= NOPASSWD: /usr/bin/java 
nobody ALL= NOPASSWD: /usr/bin/java 
bin ALL= NOPASSWD: /usr/bin/java

但是没有结果..是的,这个更改允许我在不询问密码的情况下执行 example.sh,但是在命令行中。当我从java中尝试这个时它不起作用并且在/tmp中没有创建file.ldif。欢迎任何帮助。谢谢你的时间 :)

4

2 回答 2

0

尝试使用sudo -S -p.

我使用JSch位于的类的其他方式jsch-0.1.38.jar

这个想法是将sudo输入从控制台重定向到java代码。

SudoExec 类

public abstract class SudoExec {

private String mHost;
private static String passwd;
private SSHObserverItf mObserver = null;
protected boolean isForceStop = false;
protected boolean isAsIs = false;
protected Timer mTimer = null;



//default constructor
public SudoExec(String hostName,String userName,String password){
    setHost(userName+"@"+hostName);
    setPassword(password);
}

public void init(int timeToWait) {

    mTimer = new Timer();


    new Thread(){       
        public  void run(){
            execCMD();
        }           
    }.start();

    mTimer.doWait(timeToWait);

    isForceStop = true;
}


private void execCMD (){

    isForceStop = false;        

    try{
        JSch jsch=new JSch();  

        String host=getHost();


        String user=host.substring(0, host.indexOf('@'));
        host=host.substring(host.indexOf('@')+1);

        Session session=jsch.getSession(user, host, 22);



        // username and password will be given via UserInfo interface.
        UserInfo ui=new MyUserInfo();
        session.setUserInfo(ui);
        session.connect();

        String command=getCmd();

        Channel channel=session.openChannel("exec");

        ((ChannelExec)channel).setPty(true);

        if(isAsIs == true){
            ((ChannelExec)channel).setCommand(command);
            }
        else{
            ((ChannelExec)channel).setCommand("sudo -S -p '' " + command);
        }

        InputStream in=channel.getInputStream();
          OutputStream out=channel.getOutputStream();
          ((ChannelExec)channel).setErrStream(System.err);

          channel.connect();

          out.write((passwd+"\n").getBytes());
          out.flush();

        byte[] tmp=new byte[1024];
        while(true && isForceStop == false){                
            while(in.available()>0 ){
                int i=in.read(tmp, 0, 1024);
                if(i<0)break;

                mObserver.onResponse((new String(tmp, 0, i)));

            }
            if(channel.isClosed()){
                mObserver.onResponse("exit-status: "+channel.getExitStatus());
                mTimer.doNotify();
                break;
            }


            try{Thread.sleep(100);}catch(Exception ee){}
        }

        mObserver.onResponse("close channel ... ");         
        channel.disconnect();
        mObserver.onResponse("close session ... ");
        session.disconnect();
    }
    catch(Exception e){
        System.out.println(e);
        mObserver.onErrorResponse(e.getMessage());
    }



}



public static class MyUserInfo implements UserInfo, UIKeyboardInteractive{
    public String getPassword(){
        return passwd;
    }

    public boolean promptYesNo(String str){
        return true;
    }



    public String getPassphrase(){ return null; }
    public boolean promptPassphrase(String message){ return true; }
    public boolean promptPassword(String message){
        return true;
    }

    public void showMessage(String message){
    }

    @Override
    public String[] promptKeyboardInteractive(String arg0, String arg1,
            String arg2, String[] arg3, boolean[] arg4) {
        return null;
    }
}

public void setPassword(String password){
    passwd=password;
}

public void setHost(String hostname){
    mHost=hostname;
}

public String getPassword(){
    return passwd;
}


public String getHost(){
    return mHost;
}

protected abstract String getCmd();

public void setObserver(SSHObserverItf observer) {
    mObserver = observer;
}   
}

SSHObserverItf 接口

public interface SSHObserverItf {
public void onResponse(String line);
public void onErrorResponse(String line);
}

一些任务

public class SomeTask extends SudoExec implements SSHObserverItf{

private static String command = "";
private static String hostname = "";
private static String user = "";
private static String pass = "";
private static Boolean isError=false;

private static String wait = "300";



static public void main(String args[]) throws IOException, ParseException, NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException {


    new SomeTask(hostname,user,pass);

    if (isError == true){
        System.out.println("Test failed");
    }   
    else{
        System.out.println("\nSucceeded to invoke command : " + command);
    }   

}



public CopyPeriodMergeToExternal(String hostName, String userName, String password) throws IOException, ParseException {

    super(hostName, userName, password);

    SSHObserverItf observer = this;

    super.setObserver(observer);

    super.init(Integer.parseInt(wait) * 1000);

}




@Override
protected String getCmd() {

    isAsIs = true;


    command="rm -f somescript.sh";


    System.out.println("Run followed command : " + command);

    return command;
}

@Override
public void onResponse(String line) {
    System.out.println(line);       
}

@Override
public void onErrorResponse(String line) {
    System.out.println(line);
    System.out.println("Error has occured");        
    isError = true;
}
}

课堂的主要部分SudoExec是:

public static class MyUserInfo implements UserInfo, UIKeyboardInteractive{
    public String getPassword(){ //     <---
        return passwd;
    }

    public boolean promptYesNo(String str){
        return true;  //     <---
    }

希望它能解决你的问题

于 2013-09-22T09:49:42.837 回答
0

我解决了评论行的问题

默认要求

使用 visudo。

于 2013-09-30T23:11:13.240 回答