0

I log in to multiple Linux hosts on everyday basis using my LDAP username and then sudo su to ROOT and ORACLE user and check the database status.

As I do this everyday basis on many Linux hosts, I am curious to see whether I can run all commands in single command line? I tried following, but it didn't help how to execute multiple commands after sudo command

Example: After I login using my LDAP user to Linux Host, I want to run following commands in one single command

sudo su - root -c "su - oracle; ps -ef |grep pmon; crsctl stat res -t "

After login to root, then need to switch to oracle user and then run commands

CoolChap007
  • 15
  • 4

1 Answers1

0

The reason your command as written doesn't work is because you don't actually run your monitoring commands as the oracle user.

The command you give to the first su invocation, su - oracle; ps -ef | grep pmon; crsctl stat res -t, attempts to do three things in sequence as root: firstly, it calls su to spawn an interactive shell as oracle; after this shell exits, it runs the ps pipeline; finally, it runs the crsctl command. Since the monitoring commands run after the second su has finished, they run as root, which isn't what you want.

The smallest change to your command that will make it work is the following:

sudo su - root -c "su - oracle -c \"ps -ef | grep pmon; crsctl stat res -t\""

(Note that you need to escape the inner pair of quotes with backslashes so that they don't end the outer quoted string.) However, you can simplify this command significantly: the first optimization you can make is to get rid of the first su call. You don't need it, because you're already root from sudo:

sudo su - oracle -c "ps -ef | grep pmon; crsctl stat res -t"

You can still make it better, though. If sudo is configured to allow you to switch to any user (not just root), you don't need to use su at all. Instead, just specify the user you want using sudo -u:

sudo -u oracle sh -c "ps -ef | grep pmon; crsctl stat res -t"

(Note that you need to add an explicit call to sh so that you can run the entire set of commands as oracle and not just the first one. sudo's documentation claims that you can use its -i or -s options for this, but they didn't work as documented in my tests.)

If you want to keep an interactive shell as the oracle user after this command, you can simply make the last command sudo runs be an interactive shell. In this case, you probably also want to pass -i to sudo so that the interactive shell has the login environment of oracle:

sudo -i -u oracle sh -c "ps -ef | grep pmon; crsctl stat res -t; $SHELL"
Tom Hebb
  • 991
  • 1
  • 8
  • 14
  • Thanks for suggestion. 1. Main reason to login as a root is to run commands as root and as oracle without prompting password again from my ldap.So,I would prefer to first login as root and then switch to Oracle. 2. The above 2 commands run those 'crsctl' and 'ps' command as oracle, but i remain in my ldap account. however, I want login as root first and then oracle and remain in as oracle user to run those commands. could you pls help on this. – CoolChap007 Aug 29 '17 at 21:10
  • Did you try the commands I gave? None of them should ask for any password apart from the initial `sudo` one, just like your original command. I'm not sure I understand your second point: do you mean that you want to keep an interactive shell as `oracle` after the two commands are run? – Tom Hebb Aug 29 '17 at 21:16
  • Yes.It doesn't ask password, but it still remain in my ldap session, doesn't login into root-->oracle session. Yes.I want to login into oracle and remain in the oracle session to run interactive commands... I dont want to simply run all commands from my ldap user...i want to login as root --> oracle to stay as oracle user – CoolChap007 Aug 30 '17 at 15:29
  • I edited my answer. Does the last command do what you want? As an aside, is there a specific reason you want to go from your user to `root` then to `oracle`? The last three commands in my post, as I explained, skip `root` entirely and go straight to `oracle`. If there's some reason you need to go through `root` on the way, let me know and I'll edit the answer. – Tom Hebb Aug 30 '17 at 16:06
  • Thanks Tom for fixing, the last command works, however, i still prefer to login to root first and then oracle to run interactive commands as oracle user. The reason is, there will be many commands to run as root and as oracle. So, if i login as root and switch to oracle, then i will be able to switch back and forth without password. else, i will be on my ldap user session when exit from oracle and `sudo su - root` will prompt for the password. Please let me know if any questions. Thanks again for your help :) – CoolChap007 Aug 31 '17 at 14:50