Open main menu

CDOT Wiki β

Changes

OPS445 Online Lab8

8 bytes added, 08:44, 20 March 2022
m
PART 2: running privileged commands on remote machines
== PART 2: running privileged commands on remote machines ==
: <font color='red'><b>**WARNING** Run Runnig privileged commands incorrectly with sudo may cause irreparable damage to your remote machine.</b></font>
: We say that running an ad-hoc fab command is very similar to the SSH command with shell commands attached at the end. Let's try both with privileged commands, like the "yum" command.
=== Run the "yum" command on remote machine with SSH ===
: # By default, your VM doesn't have the "tree" rpm package installed. You can verify this with the following SSH command (remember to replace the port number with the correct value for your VM):<source lang='bash'>
[raymond.chan@mtrx-node05pd lab8]$ ssh -p 7200 student@myvmlab.senecacollege.ca "yum list tree"
Loaded plugins: fastestmirror
</source>
: Please note that the tree package is "Available", but not yet installed.
: # Let't s try to install the "tree" package with the shell command "yum install tree -y":<source lang='bash'>
[raymond.chan@mtrx-node05pd lab8]$ ssh -p student@myvmlab.senecacollege.ca "yum install tree -y"
Loaded plugins: fastestmirror
You need to be root to perform this command.
</source>
: # Using the "yum" command to query rpm package doesn't need special privilege, however, it does when you try to install or remove rpm packages. : # Your "student" account on your VM was configured to allow you to run the "sudo" command to perform software management using the "yum" command. LetSo, let's login to your VM and try the following "sudo" command to install and then remove the "tree" rpm package:<source lang='bash'>
[raymond.chan@mtrx-node05pd lab8]$ ssh -p 7200 student@myvmlab.senecacollege.ca
Last login: Fri Jul 3 16:51:07 2020 from mtrx-node05pd.dcm.senecacollege.ca
[student@centos7 ~]$
</source>
: # Please note that when you run the "sudo" command the first time, it asks you for the user's password (i.e. user student's password). Let's now remove the "tree" package:<source lang='bash'>
[student@centos7 ~]$ yum remove tree -y
Loaded plugins: fastestmirror
[student@centos7 ~]$
</source>
: # The above tests confirmed that the student user is allowed to execute the sudo command to run the yum command to install and remove rpm packages. Now , let's logout from the VM and go back to matrix. On matrix, try to run the sudo command using SSH:<source lang='bash'>
[student@centos7 ~]$ exit
logout
[raymond.chan@mtrx-node05pd lab8]$
</source>
: # The above error indicated that you need a tty for the SSH session to prompt you for the sudo password. Please look up the ssh man page to find out the option which turn on a tty for the SSH session.
=== Run the privileged yum command on remote machine using ad-hoc fab command ===
: # Let's try the corresponding ad-hoc fab command on your VM:<source lang='bash'>
fab --host=myvmlab.senecacollege.ca --port=7200 --user=student -- 'sudo yum install tree -y'
</source>
: # Type in your user student's password when prompted for "sudo password", the '''yum install''' command should be executed successfully and install the '''tree''' rpm package. If the tree rpm package is already installed, you can remove it with the following ad-hoc fab command: <source lang='bash'>
fab --host=myvmlab.senecacollege.ca --port=7200 --user=student -- 'sudo yum remove tree -y'
</source>
572
edits