How do I run a cat command under sudo in a linux SSH probe?

Go to solution
HugoFirst
Kilo Sage

‎12-04-2015 01:16 PM

I have a need to capture the contents of some files on Linux systems using Discovery probes.

I succeeded in using "cat filename"   for files which are openly accessible.

I now need to capture some files which are secured for root access.

I'm trying to use SUDO with the command, but it's not working.

The most common error I get back is "User has no right to use this command with sudo: sudo /bin/cat /etc/grub.conf".

Note that I have logged on as the discovery user and manually run just that command with no problem.

I added probe parameters for debug and debug_ssh, but so far, I'm finding nothing in the log file and there is no ssh.log file under .../agent/logs/

I've tried combinations of values in the ECC Queue Name of "/bin/cat /etc/grub.conf" and "sudo   /bin/cat /etc/grub.conf" and I've varied the use of the probe parameter "must_sudo".

All to no avail.

So I'm open to whatever advice you are willing to lend.   Whether to fix or to help debug.

Thanks in advance for your help.

Labels:
0 Helpfuls
  • 7,493 Views
1 ACCEPTED SOLUTION

Go to solution
tony_barratt
ServiceNow Employee
ServiceNow Employee

‎12-05-2015 09:20 AM

Hi Steve,



There is a wiki article here


Credentials - ServiceNow Wiki



Which explains what entries are required in /etc/sudoers to facilitate running commands with rootly powers


such as


Disco ALL=(root) /sbin/dmidecode



So I reckon if


Disco ALL=(root) /bin/cat


was added to the /etc/sudoers



then sudo /bin/cat   /etc/grub.conf


would succeed.



Not sure if a request to facilitate reading all files on a server would be successful, if you had some specific files you wanted to cat you could request


that a line for each file you wanted cat-ed, like so:    


Disco ALL=(root) /bin/cat /etc/grub.conf



Just so you know, the above suggestions are based on my linux/unix knowledge not an in-depth knowledge of ServiceNow discovery.



Best Regards



Tony






View solution in original post

12 REPLIES 12

Go to solution
tim_broberg
ServiceNow Employee
ServiceNow Employee
In response to HugoFirst

‎12-09-2015 09:10 AM

Ooh, interesting. Thanks for the details. Darned if I know what happened there, but I'll pass it along to an expert.


0 Helpfuls

Go to solution
tim_broberg
ServiceNow Employee
ServiceNow Employee
In response to HugoFirst

‎12-14-2015 09:33 PM

Steve, it looks like you had a space left in the script field, so it didn't regard the script as empty.



If you delete the space, does it go away?


    - Tim.


Go to solution
HugoFirst
Kilo Sage
In response to tim_broberg

‎01-04-2016 01:12 PM

Yes it did.   Thanks for the advice and sorry for the delay in responding back to you.


I was out for the holidays.