%Net.SSH.Session - how to sudo

Question

Question

#Authentication #InterSystems IRIS for Health

Hey,

I need to read a directory on a remote server which requires a user to be su.
The question is how to correctly read the server response and then to send a su password using IRIS device I/O API (I'm able to read other commands output such as uname, but can't figure out how to switch to su):

// Init SSH session
Set ..Session = ##class(%Net.SSH.Session).%New()
Set status = ..Session.Connect(..Server)
$$$ThrowOnError(status)
Set status = ..Session.AuthenticateWithUsername(..UserName, ..Password)
$$$ThrowOnError(status)

// SUDO
#Dim device
Set device = ""
Set status = ..Session.Execute("su " _ ..UserName, .device) // Is this correct?
$$$ThrowOnError(status)
Use device

#Dim response      
Read !, "", response // Here I get a kind of infinite loop
Write ..Password

Close device

As far as I understand the same problem exists in .NET and the solution is tricky and requires some manipulations with streams

Product version: IRIS 2024.3

Discussion (1)1

Log in or sign up to continue

Ludwig · Mar 10

Hi Dmitrii,

The issue stems from the fact that 'su' is designed to run interactively, so it expects a tty to read the password securely. You have to find a way to run a command as another user non-interactively.

If you have the option, you can use 'sudo' with the -S flag instead.
-S, --stdin read password from standard input

Example:

#dim cmd As %String = "echo "_password_" | sudo -S ls"
set status = Session.Execute(cmd, .device)
$$$ThrowOnError(status)
       
use device
read response:2
use 0
zwrite response

Otherwise 'expect' might work,

expect -c 'spawn su - root -c "ls"; expect "Password :"; send "password\n"; interact

1 0