Established Member.. rrugg00
Established Member..
2918 views

HP OO 10.x SSH Shell command, trying to su - before execution

Jump to solution

Hi all, I need to 'su -' before running my next command in an SSH Shell operator.  The OS is RHEL 2.6  I am trying tu run this:

send sudo su -
expect (.*)password(.*)
send ${Password}

Not working.  I know this must be simple, just need the correct syntax.

Thanks everyone,

Roberto

RR
Labels (1)
0 Likes
1 Solution

Accepted Solutions
scuda20 Super Contributor.
Super Contributor.

Re: HP OO 10.x SSH Shell command, trying to su - before execution

Jump to solution

As someone else pointed out, the hidden readTimeout can help. I have putty and pscp on my Studio win7 desktop but I honestly don't think I did any configuration to point to it.

If you don't already have it, you can create a Dev project, create a single flow with the ssh command, deploy to Central and then create a remote debugger connection so you can run the flow from Central to test. Don't mean to be captain obvious if you have already done that.

10 Replies
scuda20 Super Contributor.
Super Contributor.

Re: HP OO 10.x SSH Shell command, trying to su - before execution

Jump to solution

/Base [1.8.0]/Library/Operations/Remote Command Execution/SSH/v2.0/SSH Shell

send sudo su
expectEndsWith :
send ${password}
expectEndsWith #
send passwd root
always send ${unixPass}
on expectEndsWith :

Obviously I am gettin my vars ${password} and ${unixPass} from other means but this works on Ubuntu 12-16, CentOS 5.7-7.1 which is what I am using.

0 Likes
Established Member.. rrugg00
Established Member..

Re: HP OO 10.x SSH Shell command, trying to su - before execution

Jump to solution

Thanks for the reply, I still can't get it to work.  It's driving me a little crazy at this point, seems stupid for it not to work. This is what I'm using:

send sudo su
expectEndsWith #  ( I tested on the console and that command goes right to the prompt as my user)
send cp /home/root/file.txt /tmp/file.txt

Raw Result:

{TimedOut=false;returnResult=Script did not fully finish, had: 2 commands left java.lang.Exception: readTimedout at: 20005ms
Instructions left: 2;returnCode=-1;Result=Script did not fully finish, had: 2 commands left java.lang.Exception: readTimedout at: 20005ms
Instructions left: 2;exception=com.hp.oo.content.ssh.exceptions.SSHException: Script did not fully finish, had: 2 commands left java.lang.Exception: readTimedout at: 20005ms
Instructions left: 2
at com.hp.oo.content.ssh.services.impl.SSHServiceImpl.runExpectCommand(SSHServiceImpl.java:239)
at com.hp.oo.content.ssh.actions.SSHShell.runSshExpectCommand(SSHShell.java:101)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.hp.oo.sdk.plugins.abstracts.BaseActionPlugin.execute(BaseActionPlugin.java:53)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.hp.oo.maven.PluginAdapterImpl.executePlugin(PluginAdapterImpl.java:328)
at com.hp.oo.maven.PluginAdapterImpl.execute(PluginAdapterImpl.java:248)
at com.hp.oo.execution.control.actions.contentexecution.ContentExecutionActions.executeContentAction(ContentExecutionActions.java:96)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.hp.score.worker.execution.reflection.ReflectionAdapterImpl.executeControlAction(ReflectionAdapterImpl.java:71)
at com.hp.score.worker.execution.services.ExecutionServiceImpl.executeStep(ExecutionServiceImpl.java:324)
at com.hp.score.worker.execution.services.ExecutionServiceImpl.execute(ExecutionServiceImpl.java:86)
at com.hp.score.worker.management.services.SimpleExecutionRunnable.executeRegularStep(SimpleExecutionRunnable.java:174)
at com.hp.score.worker.management.services.SimpleExecutionRunnable.run(SimpleExecutionRunnable.java:133)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at com.hp.score.worker.management.services.WorkerThreadFactory$1.run(WorkerThreadFactory.java:41)
at java.lang.Thread.run(Thread.java:745)
;SESSION_ON=true;}

Primary Result:

Script did not fully finish, had: 2 commands left java.lang.Exception: readTimedout at: 20005ms
Instructions left: 2

Thanks for any help

RR
0 Likes
scuda20 Super Contributor.
Super Contributor.

Re: HP OO 10.x SSH Shell command, trying to su - before execution

Jump to solution

So it's not real obvious, but the timeout you are getting is because the expect is waiting for the regex that never occurs. You are running into the operation timeout for ssh. Let me give you an example:

oouser@demo-oou:~$ sudo su
[sudo] password for oouser:
root@demo-oou:/home/oouser# cp /tmp/file.txt /home/oouser/file.txt
root@demo-oou:/home/oouser#

logging on above with a regular user, my end prompt is $, then when I sudo it is : and then it is # after I have evelated my privilege. So to translate that into the commands......

send sudo su
expectEndsWith :
send ${password}
expectEndsWith #
send cp /tmp/file.txt /home/oouser/file.txt
expectEndsWith #

What you should do to test it out is go to your Studio box and run C:\Program Files\Hewlett-Packard\HP Operations Orchestration\studio\tools\shell-wizard.bat, give it the credentials of you regular user and ip to the linux box you are trying to do this on, go through the commands, don't add extra "steps" and it will create a flow for you. NOTE *** be careful, if you use the backspace key, the commands will come out in a non pretty state as it will do the ascii charter sets, just start again. Also note, this will create a ssh v1 shell but the commands can be placed into a v2 shell just fine. Sometimes the wizzard will propose a more elegant solution like expectalwaysends # or something along those lines and then you just do send commands.

I would highly recommend use the ps-wizard.bat for powershell commands if you are doing windows until you get the feel for how it works.

 

0 Likes
Established Member.. rrugg00
Established Member..

Re: HP OO 10.x SSH Shell command, trying to su - before execution

Jump to solution

I really appreciate your help on this, but I still can't get it to work.  And thanks btw for that shell-wizard.bat idea, that would have been nice, but that does not even connect to the server!!  This is weird.  I have my SSH command down to bare minimum:

send sudo su
expectEndsWith :
send ${Password}
expectEndsWith #

Still nothing.  I wish I could screen share with you, this is killing me.  I know it's some little thing I'm missing

RR
0 Likes
Srinivaslogic
Visitor.

Re: HP OO 10.x SSH Shell command, trying to su - before execution

Jump to solution

Enable hidden input readTimeout. This will help you.

HTH,

Sri

 

0 Likes
scuda20 Super Contributor.
Super Contributor.

Re: HP OO 10.x SSH Shell command, trying to su - before execution

Jump to solution

As someone else pointed out, the hidden readTimeout can help. I have putty and pscp on my Studio win7 desktop but I honestly don't think I did any configuration to point to it.

If you don't already have it, you can create a Dev project, create a single flow with the ssh command, deploy to Central and then create a remote debugger connection so you can run the flow from Central to test. Don't mean to be captain obvious if you have already done that.

Established Member.. rrugg00
Established Member..

Re: HP OO 10.x SSH Shell command, trying to su - before execution

Jump to solution

Hey, So I finally figured out where the error is.  I'm following your example and the SSh Shell is very basic...

send sudo su
expectEndsWith :
send ${Password}
expectEndsWith #
send whoami

The problem is this way, it doesn't work.  I'm not sure where you are setting your password variable, but I made mine a Constant under System Properties.  I modified the command by typing the actual password after the send, and THAT WORKS!

So obviously I need to make my password a flow variable somewhere?  and not a constant?

RR
0 Likes
scuda20 Super Contributor.
Super Contributor.

Re: HP OO 10.x SSH Shell command, trying to su - before execution

Jump to solution

I think you probably just need to reference it. I have several custom CP's, one being custom API's and all of my user system accounts. See the screen shot for the SSH Shell. On the inputs I reference username/password and under "otherwise" I selected "System Account" and pointed to my SSH_USER system account. When doing that, make sure you select Password for the Credential Type as it will default to Username which is the first variable in the System Account.

Then in your "command" you can reference ${password}.

 

0 Likes
Established Member.. rrugg00
Established Member..

Re: HP OO 10.x SSH Shell command, trying to su - before execution

Jump to solution

Good morning,

So I got it to work finally.  The lucky part is I actually had a step previous to the SSH Shell, and I just created an Output as a Flow Variable, and referenced that variable in the SSH Shell as ${Password}  I would like to know though how to set that if the SSH Shell was my first operation and I had no previous step to create a variable with?

RR
0 Likes
scuda20 Super Contributor.
Super Contributor.

Re: HP OO 10.x SSH Shell command, trying to su - before execution

Jump to solution

It all depends on how you want to manage it:

1.) At the flow level at the bottom, click properties and add an input to the flow iteself (this is static and not very flexible)

2.) Statically set it on the operation (don't recomend this due to not being very flexible)

3.) On your CP, add System Account as outlined previously which exposes it to the OO GUI, you can then easily change it via the OO GUI -> Content Management -> Configuration Items -> System Accounts before running the flow

4.) Create a definition file on OO, read in. I do this with AD accounts in the 100's (Test scenarios, non production) so that you can upload a text file to be read in, and the flow will create accounts via AD or through Exchange via creating the mailboxes

5.) Lastly, if not using along with CSA, have it prompt for the password

From a testing, training and evalution standpoint, I use option 3 as i standardized all my virtual templates to utilize the same password, and via definition files like in option 4 to change the account passwords as the last step before a class, training or scenario.

Hope that helps. See picture of option 3 System Accounts that have a deployed value and a Central value, between my clouds they have different passwords so when I deploy to Cloud 1, I leave the deployed value and I override on Cloud 2.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.