From: "Lan Barnes" <[EMAIL PROTECTED]>
On Fri, December 1, 2006 1:32 pm, Gabriel Sechan wrote:
> Not allowed by the security team, or I would.
>
> Gabe
>
I wonder how they're going to respond to expect? The underlying rule of
many security teams seems to be "you're not allowed to be able to do that
even if you can do that."
Why, I don't think I asked. Funny that.
I have a situation where my team needs to do this by hand several times a
week. We're tired of it. We aren't ready to give the users the tool yet,
but we'd rather type 1 command on 1 box than 7 or 8 on two machines (and
frequently forgetting the last step as its non-obvious). My boss wants this
automated as well. Given corporate culture, I'm more likely to get an award
for just getting it done than to get reprimanded. Besides, I think the real
issue the security team had was that noone was typing passwords to do it.
We still use ssh daily, just not passwordless or key based ssh.
I don't need to say that debugged expect scripts should be 700 to the user
and called with a fully qualified path? Naw, no need to say that to Gabe.
FWIW, the expect learning curve, while not excessive as these things go,
is a bit steep for a one off program, but expect itself is so handy,
you'll be glad you took the time. And there's a wish with expect that lets
you wrap perty GUIs around automated interactions, for the truly mentally
impaired users (PHBs).
Yeah, I've been meaning to learn the tool. And as to that, I have a
question on how to do one part of it. I want the user to input his password
(I'm not hard coding mine). For security, I'd like to have the usual
password mechanics- as you type no text appears in the terminal. How do I
do this in expect?
Gabe
_________________________________________________________________
Get free, personalized commercial-free online radio with MSN Radio powered
by Pandora http://radio.msn.com/?icid=T002MSN03A07001
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-lpsg
