configuração adequada do visudo NOPASSWD para script de backup do bash

Question

configuração adequada do visudo NOPASSWD para script de backup do bash

#1 resposta do (2 votos)
#2 resposta do (2 votos)
#3 resposta do (0 votos)

2

A questão abstrata é:

Se o script x chamar o programa y , eu preciso de uma entrada NOPASSWD em / etc / sudoers para x , y ou ambos x & %código%? (E y então pode chamar x sem senha?)

Detalhes:

Estou tentando descobrir o que deve ser inserido no arquivo / etc / sudoers para permitir que um usuário no Ubuntu (ou seja, ID do usuário 1000 com privilégios sudo) execute um backup completo pré-configurado sem digitar uma senha.

Meu script de backup é: sudo -v
(Veja abaixo o script).

O programa de backup real chamado pelo meu script é /usr/local/bin/backup
(Veja link )

Eu tentei várias abordagens com /opt/storeBackup/bin/storeBackup.pl , mas independentemente do que tentei, ainda fui solicitado a fornecer a senha ao executar o script.

Eu esperava que adicionar uma linha final ao / etc / sudoers (usando visudo) como o seguinte funcionasse:

myuser ALL=(ALL) NOPASSWORD:/usr/local/bin/backup

Isso não funcionou. Nem isso:

myuser ALL=(ALL) NOPASSWORD:/usr/local/bin/backup, /opt/storeBackup/bin/storeBackup.pl

O problema está no meu script chamando visudo perto do começo? Ou é outra coisa o problema?

Para executar o script a seguir, espero que o usuário abra um terminal e digite sudo -v . Eu quero que seja assim tão simples e eu não quero que eles sejam solicitados por uma senha.

#!/bin/bash

sudo -v
# Keep-alive: update existing sudo time stamp if set, otherwise do nothing.
while true; do sudo -n true; sleep 60; kill -0 "$$" || exit; done 2>/dev/null &

#do a bunch of stuff that could take a while...

#finally, do backup without asking for password:
sudo /opt/storeBackup/bin/storeBackup.pl -f backup.conf

Obrigado

password sudo bash

por MountainX 18.03.2014 / 06:18

3 respostas

2

Se você usa o Ubuntu, você deve adicionar sua linha no final de /etc/sudoers , para que nenhuma outra linha possa substituir sua entrada.

# User privilege specification
root    ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d

Se a sua entrada for anterior a %sudo entry, ele irá substituir sua entrada, porque no Ubuntu, você está em sudo group :

$ id
uid=1000(cuonglm) gid=1000(cuonglm) groups=1000(cuonglm),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),109(lpadmin),124(sambashare)

E você deve permitir o script do wrapper e o script real (no seu caso, é /usr/local/bin/backup e /opt/storeBackup/bin/storeBackup.pl )

por 18.03.2014 / 07:18

0

Esta informação é para @slm. (Veja link .) Mesmo com este caso simples, ele pede a senha.

$ sudo cat / etc / sudoers

tester2 ALL=(ALL) NOPASSWD: /usr/local/bin/backup, /opt/storeBackup/bin/storeBackup.pl

tester2 @ 11038-VirtualBox: ~ $ sudo -l

Matching Defaults entries for tester2 on this host:
    env_reset,
    secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin,
    !tty_tickets

User tester2 may run the following commands on this host:
    (ALL : ALL) ALL
    (ALL) NOPASSWD: /usr/local/bin/backup, (ALL) /opt/storeBackup/bin/storeBackup.pl

Estou testando com apenas um arquivo (este aqui):
$ cat / usr / local / bin / backup

#!/bin/bash

echo "$0"
sudo -v 
whoami

O arquivo acima é executável e é de propriedade do usuário (tester2 / id 1000).

E a execução deste comando strace -s 2000 -o sudo.log /usr/local/bin/backup da conta do tester2 é assim (e eu digitei a senha):

execve("/usr/local/bin/backup", ["backup"], [/* 45 vars */]) = 0
brk(0)                                  = 0x9be0000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77d3000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=74931, ...}) = 0
mmap2(NULL, 74931, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb77c0000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/i386-linux-gnu/libtinfo.so.5", O_RDONLY|O_CLOEXEC) = 3
read(3, "7ELFtester2 ALL=(ALL) NOPASSWD: /usr/local/bin/backup, /opt/storeBackup/bin/storeBackup.pl
Matching Defaults entries for tester2 on this host:
    env_reset,
    secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin,
    !tty_tickets

User tester2 may run the following commands on this host:
    (ALL : ALL) ALL
    (ALL) NOPASSWD: /usr/local/bin/backup, (ALL) /opt/storeBackup/bin/storeBackup.pl
#!/bin/bash

echo "$0"
sudo -v 
whoami
execve("/usr/local/bin/backup", ["backup"], [/* 45 vars */]) = 0
brk(0)                                  = 0x9be0000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77d3000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=74931, ...}) = 0
mmap2(NULL, 74931, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb77c0000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/i386-linux-gnu/libtinfo.so.5", O_RDONLY|O_CLOEXEC) = 3
read(3, "7ELF%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%PW%pre%%pre%04%pre%%pre%%pre%04%pre%%pre%%pre%%pre%%pre%04%pre% %pre%%pre%(%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%P4%pre%P4%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%06%pre%06%pre%06%pre%0%pre%%pre%| %pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%46%pre%46%pre%46%pre%0%pre%%pre%%pre%0%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%$%pre%%pre%%pre%$%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%P5td00%pre%00%pre%00%pre%4%pre%%pre%4%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%Q5td%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%R5td06%pre%06%pre%06%pre%00%pre%%pre%00%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%GNU%pre%1x05F0?m0677y41ge43%pre%%pre%%pre%07%pre%%pre%%pre% %pre%%pre%%pre%\n%pre%%pre%%pre%@%pre%3%pre%400%pre%210@%pre%%pre% 948q2}\42077e:F&02Cj%pre%0H*V$ ,3A%pre%*0 1%pre%\fa*(Db!35@Y23b@ 0%pre%%pre%44%pre%PF0YI1. P1\n1BA246\n 01$7)0N6@7%pre%%pre%%pre%08%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%:%pre%%pre%%pre%;%pre%%pre%%pre%%pre%%pre%%pre%%pre%=%pre%%pre%%pre%%pre%%pre%%pre%%pre%?%pre%%pre%%pre%A%pre%%pre%%pre%C%pre%%pre%%pre%", 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=121024, ...}) = 0
mmap2(NULL, 124748, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb77a1000
mmap2(0xb77bd000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b) = 0xb77bd000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/i386-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "7ELF%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%'\n%pre%%pre%04%pre%%pre%%pre%t1%pre%%pre%%pre%%pre%%pre%%pre%04%pre% %pre%\t%pre%(%pre% %pre%%pre%%pre%%pre%%pre%04%pre%%pre%%pre%04%pre%%pre%%pre%04%pre%%pre%%pre% %pre%%pre% %pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%7%pre%%pre%7%pre%%pre%7%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%\!%pre%%pre%\!%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%4.%pre%%pre%4>%pre%%pre%4>%pre%%pre%0%pre%%pre%4%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%0.%pre%%pre%0>%pre%%pre%0>%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%T%pre%%pre%T%pre%%pre%T%pre%%pre%D%pre%%pre%%pre%D%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%P5td4%pre%%pre%4%pre%%pre%4%pre%%pre%4%pre%%pre%%pre%4%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%Q5td%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%R5td4.%pre%%pre%4>%pre%%pre%4>%pre%%pre%\%pre%%pre%\%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%GNU%pre%;\nY4X711Zj2i,6373C4%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%GNU%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%0%pre%%pre%%pre%B%pre%%pre%2%pre%'3(6%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre% %pre%%pre%%pre%!%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%\"%pre%%pre%%pre%", 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=13940, ...}) = 0
mmap2(NULL, 16504, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb779c000
mmap2(0xb779f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2) = 0xb779f000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/i386-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "7ELF%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%006%pre%04%pre%%pre%%pre%p'%pre%%pre%%pre%%pre%%pre%04%pre% %pre%\n%pre%(%pre%#%pre%\"%pre%%pre%%pre%%pre%04%pre%%pre%%pre%04%pre%%pre%%pre%04%pre%%pre%%pre%@%pre%%pre%@%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%h3%pre%h3%pre%h3%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%0-%pre%0-%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%01%pre%01%pre%01%pre%-%pre%%pre%Y%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%|M%pre%|M%pre%|M%pre%0%pre%%pre%%pre%0%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%t%pre%%pre%t%pre%%pre%t%pre%%pre%D%pre%%pre%%pre%D%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%01%pre%01%pre%01%pre%%pre%%pre%%pre%@%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%P5td|3%pre%|3%pre%|3%pre%4v%pre%%pre%4v%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%Q5td%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%R5td01%pre%01%pre%01%pre%@%pre%%pre%@%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%GNU%pre%0\rn%pre%WY3040S2}0-00%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%GNU%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%3%pre%%pre%\t%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%00D0 460AE0%pre%4%pre%%pre%E0%pre%'00%pre%\f2\f%pre%%pre%10%pre%@260H6l060%pre%&406B$", 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1730024, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb779b000
mmap2(NULL, 1739484, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb75f2000
mmap2(0xb7795000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1a3) = 0xb7795000
mmap2(0xb7798000, 10972, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7798000
close(3)                                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75f1000
set_thread_area({entry_number:-1 -> 6, base_addr:0xb75f16c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
mprotect(0xb7795000, 8192, PROT_READ)   = 0
mprotect(0xb779f000, 4096, PROT_READ)   = 0
mprotect(0xb77bd000, 8192, PROT_READ)   = 0
mprotect(0x8124000, 4096, PROT_READ)    = 0
mprotect(0xb77f6000, 4096, PROT_READ)   = 0
munmap(0xb77c0000, 74931)               = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
open("/dev/tty", O_RDWR|O_NONBLOCK|O_LARGEFILE) = 3
close(3)                                = 0
brk(0)                                  = 0x9be0000
brk(0x9be1000)                          = 0x9be1000
open("/usr/lib/locale/locale-archive", O_RDONLY|O_LARGEFILE|O_CLOEXEC) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=4447600, ...}) = 0
mmap2(NULL, 2097152, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb73f1000
mmap2(NULL, 262144, PROT_READ, MAP_PRIVATE, 3, 0x2bd) = 0xb73b1000
mmap2(NULL, 4096, PROT_READ, MAP_PRIVATE, 3, 0x43a) = 0xb73b0000
close(3)                                = 0
brk(0x9be2000)                          = 0x9be2000
brk(0x9be3000)                          = 0x9be3000
getuid32()                              = 1000
getgid32()                              = 1000
geteuid32()                             = 1000
getegid32()                             = 1000
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
time(NULL)                              = 1395267410
brk(0x9be4000)                          = 0x9be4000
open("/proc/meminfo", O_RDONLY|O_CLOEXEC) = 3
fstat64(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb73af000
read(3, "MemTotal:        2061512 kB\nMemFree:          161556 kB\nBuffers:           23816 kB\nCached:          1229076 kB\nSwapCached:            0 kB\nActive:          1038852 kB\nInactive:         792548 kB\nActive(anon):     447940 kB\nInactive(anon):   161448 kB\nActive(file):     590912 kB\nInactive(file):   631100 kB\nUnevictable:           0 kB\nMlocked:               0 kB\nHighTotal:       1183688 kB\nHighFree:          14988 kB\nLowTotal:         877824 kB\nLowFree:          146568 kB\nSwapTotal:       2095100 kB\nSwapFree:        2095028 kB\nDirty:                60 kB\nWriteback:             0 kB\nAnonPages:        578540 kB\nMapped:           156860 kB\nShmem:             30880 kB\nSlab:              48428 kB\nSReclaimable:      36208 kB\nSUnreclaim:        12220 kB\nKernelStack:        2672 kB\nPageTables:         8804 kB\nNFS_Unstable:          0 kB\nBounce:                0 kB\nWritebackTmp:          0 kB\nCommitLimit:     3125856 kB\nCommitted_AS:    1922516 kB\nVmallocTotal:     122880 kB\nVmallocUsed:       28356 kB\nVmallocChunk:   ", 1024) = 1024
close(3)                                = 0
munmap(0xb73af000, 4096)                = 0
brk(0x9be5000)                          = 0x9be5000
rt_sigaction(SIGCHLD, {SIG_DFL, [], SA_RESTART}, {SIG_DFL, [], 0}, 8) = 0
rt_sigaction(SIGCHLD, {SIG_DFL, [], SA_RESTART}, {SIG_DFL, [], SA_RESTART}, 8) = 0
rt_sigaction(SIGINT, {SIG_DFL, [], 0}, {SIG_DFL, [], 0}, 8) = 0
rt_sigaction(SIGINT, {SIG_DFL, [], 0}, {SIG_DFL, [], 0}, 8) = 0
rt_sigaction(SIGQUIT, {SIG_DFL, [], 0}, {SIG_DFL, [], 0}, 8) = 0
rt_sigaction(SIGQUIT, {SIG_DFL, [], 0}, {SIG_DFL, [], 0}, 8) = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
rt_sigaction(SIGQUIT, {SIG_IGN, [], 0}, {SIG_DFL, [], 0}, 8) = 0
uname({sys="Linux", node="11038-VirtualBox", ...}) = 0
brk(0x9be6000)                          = 0x9be6000
brk(0x9be7000)                          = 0x9be7000
stat64("/home/tester2", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
stat64(".", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
getpid()                                = 8307
open("/usr/lib/i386-linux-gnu/gconv/gconv-modules.cache", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=26256, ...}) = 0
mmap2(NULL, 26256, PROT_READ, MAP_SHARED, 3, 0) = 0xb73a9000
close(3)                                = 0
brk(0x9be8000)                          = 0x9be8000
getppid()                               = 8306
gettimeofday({1395267410, 397418}, NULL) = 0
brk(0x9be9000)                          = 0x9be9000
brk(0x9bea000)                          = 0x9bea000
getpgrp()                               = 8306
rt_sigaction(SIGCHLD, {0x8085410, [], SA_RESTART}, {SIG_DFL, [], SA_RESTART}, 8) = 0
getrlimit(RLIMIT_NPROC, {rlim_cur=15942, rlim_max=15942}) = 0
brk(0x9beb000)                          = 0x9beb000
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
open("/usr/local/bin/backup", O_RDONLY|O_LARGEFILE) = 3
ioctl(3, SNDCTL_TMR_TIMEBASE or TCGETS, 0xbfad4848) = -1 ENOTTY (Inappropriate ioctl for device)
_llseek(3, 0, [0], SEEK_CUR)            = 0
read(3, "#!/bin/bash\n\necho \"$0\"\n\nsudo -v\nwhoami\n\n", 80) = 40
_llseek(3, 0, [0], SEEK_SET)            = 0
getrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=4*1024}) = 0
fcntl64(255, F_GETFD)                   = -1 EBADF (Bad file descriptor)
dup2(3, 255)                            = 255
close(3)                                = 0
fcntl64(255, F_SETFD, FD_CLOEXEC)       = 0
fcntl64(255, F_GETFL)                   = 0x8000 (flags O_RDONLY|O_LARGEFILE)
fstat64(255, {st_mode=S_IFREG|0755, st_size=40, ...}) = 0
_llseek(255, 0, [0], SEEK_CUR)          = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
read(255, "#!/bin/bash\n\necho \"$0\"\n\nsudo -v\nwhoami\n\n", 40) = 40
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
brk(0x9bec000)                          = 0x9bec000
write(1, "/usr/local/bin/backup\n", 22) = 22
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
stat64(".", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
stat64("/usr/local/sbin/sudo", 0xbfad4600) = -1 ENOENT (No such file or directory)
stat64("/usr/local/bin/sudo", 0xbfad4600) = -1 ENOENT (No such file or directory)
stat64("/usr/sbin/sudo", 0xbfad4600)    = -1 ENOENT (No such file or directory)
stat64("/usr/bin/sudo", {st_mode=S_IFREG|S_ISUID|0755, st_size=69708, ...}) = 0
stat64("/usr/bin/sudo", {st_mode=S_IFREG|S_ISUID|0755, st_size=69708, ...}) = 0
geteuid32()                             = 1000
getegid32()                             = 1000
getuid32()                              = 1000
getgid32()                              = 1000
access("/usr/bin/sudo", X_OK)           = 0
stat64("/usr/bin/sudo", {st_mode=S_IFREG|S_ISUID|0755, st_size=69708, ...}) = 0
geteuid32()                             = 1000
getegid32()                             = 1000
getuid32()                              = 1000
getgid32()                              = 1000
access("/usr/bin/sudo", R_OK)           = 0
stat64("/usr/bin/sudo", {st_mode=S_IFREG|S_ISUID|0755, st_size=69708, ...}) = 0
stat64("/usr/bin/sudo", {st_mode=S_IFREG|S_ISUID|0755, st_size=69708, ...}) = 0
geteuid32()                             = 1000
getegid32()                             = 1000
getuid32()                              = 1000
getgid32()                              = 1000
access("/usr/bin/sudo", X_OK)           = 0
stat64("/usr/bin/sudo", {st_mode=S_IFREG|S_ISUID|0755, st_size=69708, ...}) = 0
geteuid32()                             = 1000
getegid32()                             = 1000
getuid32()                              = 1000
getgid32()                              = 1000
access("/usr/bin/sudo", R_OK)           = 0
rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0
_llseek(255, -8, [32], SEEK_CUR)        = 0
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb75f1728) = 8308
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigaction(SIGINT, {0x80829d0, [], 0}, {SIG_DFL, [], 0}, 8) = 0
waitpid(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0) = 8308
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
--- SIGCHLD (Child exited) @ 0 (0) ---
waitpid(-1, 0xbfad4038, WNOHANG)        = -1 ECHILD (No child processes)
sigreturn()                             = ? (mask now [])
rt_sigaction(SIGINT, {SIG_DFL, [], 0}, {0x80829d0, [], 0}, 8) = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
read(255, "whoami\n\n", 40)             = 8
stat64(".", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
stat64("/usr/local/sbin/whoami", 0xbfad4600) = -1 ENOENT (No such file or directory)
stat64("/usr/local/bin/whoami", 0xbfad4600) = -1 ENOENT (No such file or directory)
stat64("/usr/sbin/whoami", 0xbfad4600)  = -1 ENOENT (No such file or directory)
stat64("/usr/bin/whoami", {st_mode=S_IFREG|0755, st_size=22060, ...}) = 0
stat64("/usr/bin/whoami", {st_mode=S_IFREG|0755, st_size=22060, ...}) = 0
geteuid32()                             = 1000
getegid32()                             = 1000
getuid32()                              = 1000
getgid32()                              = 1000
access("/usr/bin/whoami", X_OK)         = 0
stat64("/usr/bin/whoami", {st_mode=S_IFREG|0755, st_size=22060, ...}) = 0
geteuid32()                             = 1000
getegid32()                             = 1000
getuid32()                              = 1000
getgid32()                              = 1000
access("/usr/bin/whoami", R_OK)         = 0
stat64("/usr/bin/whoami", {st_mode=S_IFREG|0755, st_size=22060, ...}) = 0
stat64("/usr/bin/whoami", {st_mode=S_IFREG|0755, st_size=22060, ...}) = 0
geteuid32()                             = 1000
getegid32()                             = 1000
getuid32()                              = 1000
getgid32()                              = 1000
access("/usr/bin/whoami", X_OK)         = 0
stat64("/usr/bin/whoami", {st_mode=S_IFREG|0755, st_size=22060, ...}) = 0
geteuid32()                             = 1000
getegid32()                             = 1000
getuid32()                              = 1000
getgid32()                              = 1000
access("/usr/bin/whoami", R_OK)         = 0
rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0
_llseek(255, -1, [39], SEEK_CUR)        = 0
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb75f1728) = 8309
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigaction(SIGINT, {0x80829d0, [], 0}, {SIG_DFL, [], 0}, 8) = 0
waitpid(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0) = 8309
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
--- SIGCHLD (Child exited) @ 0 (0) ---
waitpid(-1, 0xbfad4038, WNOHANG)        = -1 ECHILD (No child processes)
sigreturn()                             = ? (mask now [])
rt_sigaction(SIGINT, {SIG_DFL, [], 0}, {0x80829d0, [], 0}, 8) = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
read(255, "\n", 40)                     = 1
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
read(255, "", 40)                       = 0
exit_group(0)                           = ?
%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%PW%pre%%pre%04%pre%%pre%%pre%04%pre%%pre%%pre%%pre%%pre%04%pre% %pre%%pre%(%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%P4%pre%P4%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%06%pre%06%pre%06%pre%0%pre%%pre%| %pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%46%pre%46%pre%46%pre%0%pre%%pre%%pre%0%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%$%pre%%pre%%pre%$%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%P5td00%pre%00%pre%00%pre%4%pre%%pre%4%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%Q5td%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%R5td06%pre%06%pre%06%pre%00%pre%%pre%00%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%GNU%pre%1x05F0?m0677y41ge43%pre%%pre%%pre%07%pre%%pre%%pre% %pre%%pre%%pre%\n%pre%%pre%%pre%@%pre%3%pre%400%pre%210@%pre%%pre% 948q2}\42077e:F&02Cj%pre%0H*V$ ,3A%pre%*0 1%pre%\fa*(Db!35@Y23b@ 0%pre%%pre%44%pre%PF0YI1. P1\n1BA246\n 01$7)0N6@7%pre%%pre%%pre%08%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%:%pre%%pre%%pre%;%pre%%pre%%pre%%pre%%pre%%pre%%pre%=%pre%%pre%%pre%%pre%%pre%%pre%%pre%?%pre%%pre%%pre%A%pre%%pre%%pre%C%pre%%pre%%pre%", 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=121024, ...}) = 0
mmap2(NULL, 124748, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb77a1000
mmap2(0xb77bd000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b) = 0xb77bd000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/i386-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "7ELF%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%'\n%pre%%pre%04%pre%%pre%%pre%t1%pre%%pre%%pre%%pre%%pre%%pre%04%pre% %pre%\t%pre%(%pre% %pre%%pre%%pre%%pre%%pre%04%pre%%pre%%pre%04%pre%%pre%%pre%04%pre%%pre%%pre% %pre%%pre% %pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%7%pre%%pre%7%pre%%pre%7%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%\!%pre%%pre%\!%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%4.%pre%%pre%4>%pre%%pre%4>%pre%%pre%0%pre%%pre%4%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%0.%pre%%pre%0>%pre%%pre%0>%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%T%pre%%pre%T%pre%%pre%T%pre%%pre%D%pre%%pre%%pre%D%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%P5td4%pre%%pre%4%pre%%pre%4%pre%%pre%4%pre%%pre%%pre%4%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%Q5td%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%R5td4.%pre%%pre%4>%pre%%pre%4>%pre%%pre%\%pre%%pre%\%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%GNU%pre%;\nY4X711Zj2i,6373C4%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%GNU%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%0%pre%%pre%%pre%B%pre%%pre%2%pre%'3(6%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre% %pre%%pre%%pre%!%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%\"%pre%%pre%%pre%", 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=13940, ...}) = 0
mmap2(NULL, 16504, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb779c000
mmap2(0xb779f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2) = 0xb779f000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/i386-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "7ELF%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%006%pre%04%pre%%pre%%pre%p'%pre%%pre%%pre%%pre%%pre%04%pre% %pre%\n%pre%(%pre%#%pre%\"%pre%%pre%%pre%%pre%04%pre%%pre%%pre%04%pre%%pre%%pre%04%pre%%pre%%pre%@%pre%%pre%@%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%h3%pre%h3%pre%h3%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%0-%pre%0-%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%01%pre%01%pre%01%pre%-%pre%%pre%Y%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%|M%pre%|M%pre%|M%pre%0%pre%%pre%%pre%0%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%t%pre%%pre%t%pre%%pre%t%pre%%pre%D%pre%%pre%%pre%D%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%01%pre%01%pre%01%pre%%pre%%pre%%pre%@%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%P5td|3%pre%|3%pre%|3%pre%4v%pre%%pre%4v%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%Q5td%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%R5td01%pre%01%pre%01%pre%@%pre%%pre%@%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%GNU%pre%0\rn%pre%WY3040S2}0-00%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%GNU%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%3%pre%%pre%\t%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%00D0 460AE0%pre%4%pre%%pre%E0%pre%'00%pre%\f2\f%pre%%pre%10%pre%@260H6l060%pre%&406B$", 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1730024, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb779b000
mmap2(NULL, 1739484, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb75f2000
mmap2(0xb7795000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1a3) = 0xb7795000
mmap2(0xb7798000, 10972, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7798000
close(3)                                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75f1000
set_thread_area({entry_number:-1 -> 6, base_addr:0xb75f16c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
mprotect(0xb7795000, 8192, PROT_READ)   = 0
mprotect(0xb779f000, 4096, PROT_READ)   = 0
mprotect(0xb77bd000, 8192, PROT_READ)   = 0
mprotect(0x8124000, 4096, PROT_READ)    = 0
mprotect(0xb77f6000, 4096, PROT_READ)   = 0
munmap(0xb77c0000, 74931)               = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
open("/dev/tty", O_RDWR|O_NONBLOCK|O_LARGEFILE) = 3
close(3)                                = 0
brk(0)                                  = 0x9be0000
brk(0x9be1000)                          = 0x9be1000
open("/usr/lib/locale/locale-archive", O_RDONLY|O_LARGEFILE|O_CLOEXEC) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=4447600, ...}) = 0
mmap2(NULL, 2097152, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb73f1000
mmap2(NULL, 262144, PROT_READ, MAP_PRIVATE, 3, 0x2bd) = 0xb73b1000
mmap2(NULL, 4096, PROT_READ, MAP_PRIVATE, 3, 0x43a) = 0xb73b0000
close(3)                                = 0
brk(0x9be2000)                          = 0x9be2000
brk(0x9be3000)                          = 0x9be3000
getuid32()                              = 1000
getgid32()                              = 1000
geteuid32()                             = 1000
getegid32()                             = 1000
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
time(NULL)                              = 1395267410
brk(0x9be4000)                          = 0x9be4000
open("/proc/meminfo", O_RDONLY|O_CLOEXEC) = 3
fstat64(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb73af000
read(3, "MemTotal:        2061512 kB\nMemFree:          161556 kB\nBuffers:           23816 kB\nCached:          1229076 kB\nSwapCached:            0 kB\nActive:          1038852 kB\nInactive:         792548 kB\nActive(anon):     447940 kB\nInactive(anon):   161448 kB\nActive(file):     590912 kB\nInactive(file):   631100 kB\nUnevictable:           0 kB\nMlocked:               0 kB\nHighTotal:       1183688 kB\nHighFree:          14988 kB\nLowTotal:         877824 kB\nLowFree:          146568 kB\nSwapTotal:       2095100 kB\nSwapFree:        2095028 kB\nDirty:                60 kB\nWriteback:             0 kB\nAnonPages:        578540 kB\nMapped:           156860 kB\nShmem:             30880 kB\nSlab:              48428 kB\nSReclaimable:      36208 kB\nSUnreclaim:        12220 kB\nKernelStack:        2672 kB\nPageTables:         8804 kB\nNFS_Unstable:          0 kB\nBounce:                0 kB\nWritebackTmp:          0 kB\nCommitLimit:     3125856 kB\nCommitted_AS:    1922516 kB\nVmallocTotal:     122880 kB\nVmallocUsed:       28356 kB\nVmallocChunk:   ", 1024) = 1024
close(3)                                = 0
munmap(0xb73af000, 4096)                = 0
brk(0x9be5000)                          = 0x9be5000
rt_sigaction(SIGCHLD, {SIG_DFL, [], SA_RESTART}, {SIG_DFL, [], 0}, 8) = 0
rt_sigaction(SIGCHLD, {SIG_DFL, [], SA_RESTART}, {SIG_DFL, [], SA_RESTART}, 8) = 0
rt_sigaction(SIGINT, {SIG_DFL, [], 0}, {SIG_DFL, [], 0}, 8) = 0
rt_sigaction(SIGINT, {SIG_DFL, [], 0}, {SIG_DFL, [], 0}, 8) = 0
rt_sigaction(SIGQUIT, {SIG_DFL, [], 0}, {SIG_DFL, [], 0}, 8) = 0
rt_sigaction(SIGQUIT, {SIG_DFL, [], 0}, {SIG_DFL, [], 0}, 8) = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
rt_sigaction(SIGQUIT, {SIG_IGN, [], 0}, {SIG_DFL, [], 0}, 8) = 0
uname({sys="Linux", node="11038-VirtualBox", ...}) = 0
brk(0x9be6000)                          = 0x9be6000
brk(0x9be7000)                          = 0x9be7000
stat64("/home/tester2", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
stat64(".", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
getpid()                                = 8307
open("/usr/lib/i386-linux-gnu/gconv/gconv-modules.cache", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=26256, ...}) = 0
mmap2(NULL, 26256, PROT_READ, MAP_SHARED, 3, 0) = 0xb73a9000
close(3)                                = 0
brk(0x9be8000)                          = 0x9be8000
getppid()                               = 8306
gettimeofday({1395267410, 397418}, NULL) = 0
brk(0x9be9000)                          = 0x9be9000
brk(0x9bea000)                          = 0x9bea000
getpgrp()                               = 8306
rt_sigaction(SIGCHLD, {0x8085410, [], SA_RESTART}, {SIG_DFL, [], SA_RESTART}, 8) = 0
getrlimit(RLIMIT_NPROC, {rlim_cur=15942, rlim_max=15942}) = 0
brk(0x9beb000)                          = 0x9beb000
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
open("/usr/local/bin/backup", O_RDONLY|O_LARGEFILE) = 3
ioctl(3, SNDCTL_TMR_TIMEBASE or TCGETS, 0xbfad4848) = -1 ENOTTY (Inappropriate ioctl for device)
_llseek(3, 0, [0], SEEK_CUR)            = 0
read(3, "#!/bin/bash\n\necho \"$0\"\n\nsudo -v\nwhoami\n\n", 80) = 40
_llseek(3, 0, [0], SEEK_SET)            = 0
getrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=4*1024}) = 0
fcntl64(255, F_GETFD)                   = -1 EBADF (Bad file descriptor)
dup2(3, 255)                            = 255
close(3)                                = 0
fcntl64(255, F_SETFD, FD_CLOEXEC)       = 0
fcntl64(255, F_GETFL)                   = 0x8000 (flags O_RDONLY|O_LARGEFILE)
fstat64(255, {st_mode=S_IFREG|0755, st_size=40, ...}) = 0
_llseek(255, 0, [0], SEEK_CUR)          = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
read(255, "#!/bin/bash\n\necho \"$0\"\n\nsudo -v\nwhoami\n\n", 40) = 40
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
brk(0x9bec000)                          = 0x9bec000
write(1, "/usr/local/bin/backup\n", 22) = 22
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
stat64(".", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
stat64("/usr/local/sbin/sudo", 0xbfad4600) = -1 ENOENT (No such file or directory)
stat64("/usr/local/bin/sudo", 0xbfad4600) = -1 ENOENT (No such file or directory)
stat64("/usr/sbin/sudo", 0xbfad4600)    = -1 ENOENT (No such file or directory)
stat64("/usr/bin/sudo", {st_mode=S_IFREG|S_ISUID|0755, st_size=69708, ...}) = 0
stat64("/usr/bin/sudo", {st_mode=S_IFREG|S_ISUID|0755, st_size=69708, ...}) = 0
geteuid32()                             = 1000
getegid32()                             = 1000
getuid32()                              = 1000
getgid32()                              = 1000
access("/usr/bin/sudo", X_OK)           = 0
stat64("/usr/bin/sudo", {st_mode=S_IFREG|S_ISUID|0755, st_size=69708, ...}) = 0
geteuid32()                             = 1000
getegid32()                             = 1000
getuid32()                              = 1000
getgid32()                              = 1000
access("/usr/bin/sudo", R_OK)           = 0
stat64("/usr/bin/sudo", {st_mode=S_IFREG|S_ISUID|0755, st_size=69708, ...}) = 0
stat64("/usr/bin/sudo", {st_mode=S_IFREG|S_ISUID|0755, st_size=69708, ...}) = 0
geteuid32()                             = 1000
getegid32()                             = 1000
getuid32()                              = 1000
getgid32()                              = 1000
access("/usr/bin/sudo", X_OK)           = 0
stat64("/usr/bin/sudo", {st_mode=S_IFREG|S_ISUID|0755, st_size=69708, ...}) = 0
geteuid32()                             = 1000
getegid32()                             = 1000
getuid32()                              = 1000
getgid32()                              = 1000
access("/usr/bin/sudo", R_OK)           = 0
rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0
_llseek(255, -8, [32], SEEK_CUR)        = 0
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb75f1728) = 8308
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigaction(SIGINT, {0x80829d0, [], 0}, {SIG_DFL, [], 0}, 8) = 0
waitpid(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0) = 8308
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
--- SIGCHLD (Child exited) @ 0 (0) ---
waitpid(-1, 0xbfad4038, WNOHANG)        = -1 ECHILD (No child processes)
sigreturn()                             = ? (mask now [])
rt_sigaction(SIGINT, {SIG_DFL, [], 0}, {0x80829d0, [], 0}, 8) = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
read(255, "whoami\n\n", 40)             = 8
stat64(".", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
stat64("/usr/local/sbin/whoami", 0xbfad4600) = -1 ENOENT (No such file or directory)
stat64("/usr/local/bin/whoami", 0xbfad4600) = -1 ENOENT (No such file or directory)
stat64("/usr/sbin/whoami", 0xbfad4600)  = -1 ENOENT (No such file or directory)
stat64("/usr/bin/whoami", {st_mode=S_IFREG|0755, st_size=22060, ...}) = 0
stat64("/usr/bin/whoami", {st_mode=S_IFREG|0755, st_size=22060, ...}) = 0
geteuid32()                             = 1000
getegid32()                             = 1000
getuid32()                              = 1000
getgid32()                              = 1000
access("/usr/bin/whoami", X_OK)         = 0
stat64("/usr/bin/whoami", {st_mode=S_IFREG|0755, st_size=22060, ...}) = 0
geteuid32()                             = 1000
getegid32()                             = 1000
getuid32()                              = 1000
getgid32()                              = 1000
access("/usr/bin/whoami", R_OK)         = 0
stat64("/usr/bin/whoami", {st_mode=S_IFREG|0755, st_size=22060, ...}) = 0
stat64("/usr/bin/whoami", {st_mode=S_IFREG|0755, st_size=22060, ...}) = 0
geteuid32()                             = 1000
getegid32()                             = 1000
getuid32()                              = 1000
getgid32()                              = 1000
access("/usr/bin/whoami", X_OK)         = 0
stat64("/usr/bin/whoami", {st_mode=S_IFREG|0755, st_size=22060, ...}) = 0
geteuid32()                             = 1000
getegid32()                             = 1000
getuid32()                              = 1000
getgid32()                              = 1000
access("/usr/bin/whoami", R_OK)         = 0
rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0
_llseek(255, -1, [39], SEEK_CUR)        = 0
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb75f1728) = 8309
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigaction(SIGINT, {0x80829d0, [], 0}, {SIG_DFL, [], 0}, 8) = 0
waitpid(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0) = 8309
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
--- SIGCHLD (Child exited) @ 0 (0) ---
waitpid(-1, 0xbfad4038, WNOHANG)        = -1 ECHILD (No child processes)
sigreturn()                             = ? (mask now [])
rt_sigaction(SIGINT, {SIG_DFL, [], 0}, {0x80829d0, [], 0}, 8) = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
read(255, "\n", 40)                     = 1
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
read(255, "", 40)                       = 0
exit_group(0)                           = ?

por 19.03.2014 / 23:38

Tags password sudo bash

A cópia do conteúdo do emacs através da área de transferência do aplicativo terminal copia as guias inesperadas para alguns espaços dd comando perdeu partição

score 2 · Accepted Answer

Tive êxito ao usar os exemplos a seguir, como você descreveu. Scripts de amostra:

top.bash

$ cat /tmp/top.bash    
#!/bin/bash

echo "running $0"
sudo -v 
whoami
sudo /tmp/bott.bash

bott.bash

$ more /tmp/bott.bash
#!/bin/bash

echo "running $0"
whoami

Agora, com a seguinte modificação para sudo :

## Allow root to run any commands anywhere 
root    ALL=(ALL)       ALL
sam     ALL=(ALL)       NOPASSWD:/tmp/top.bash

Agora como usuário sam:

$ sudo /tmp/top.bash 
running /tmp/top.bash
root
running /tmp/bott.bash
root

Que tal correr top.bash sem sudo?

Se eu alterar o arquivo /etc/sudoers da seguinte forma:

sam     ALL=(ALL)       NOPASSWD:/tmp/top.bash,/tmp/bott.bash

E, em seguida, basta executar /tmp/top.bash como usuário saml :

$ /tmp/top.bash 
running /tmp/top.bash
sam
running /tmp/bott.bash
root

Eu obtenho o acima. Qual é o que eu esperaria.