从 Java 以不同用户身份运行 UNIX 命令
试图编写一个能够以其他 UNIX 用户身份运行 UNIX 命令的 Java 程序.我有用户的密码,并且知道要运行的命令,但是该命令必须以该用户身份运行 - 所以我必须先以该用户身份登录.
Trying to write a Java program capable of running a UNIX command as a different UNIX user. I have the user's password, and I know the command I want to run, but the command has to be run as that user - so I have to login as that user first.
例如:假设我们有一个用户 jim,他想查看 bob 的主目录中的内容,并且(无论出于何种原因)jim 有权执行 ls 而 bob 没有.我们目前以 bob 身份登录.这是我们(可以)做的:
For example: say we have a user, jim, who wants to see what's in bob's home directory, and (for whatever reason) jim has access to execute ls whereas bob does not. We are currently logged in as bob. Here is what we (could) do:
bob@host$ su jim && ls ~bob
问题是,系统提示我们输入 jim 的密码.由于这是从 Java 程序运行的,即
Problem is, we get prompted for jim's password. Since this is run from a Java program, i.e.
Process p = Runtime.getRuntime().exec("su jim && ls ~bob");
系统提示我们输入 jim 的密码并挂断了电话.我们知道吉姆的密码.但是,我进不去.
we get prompted for jim's password and hung up. We know jim's password. However, I can't enter it.
此外,我们不能使用 Expect 脚本(没有安装它),我们也不能成为超级用户.我还研究过使用 SSH 来尝试这个,因为我们在技术上可以做到
Additionally, we can't use an Expect script (don't have it installed) and we can't become the superuser. I also looked into using SSH to try this, since we could technically do
bob@host$ ssh jim@host "ls ~bob"
但这也不起作用,因为我没有设置无密码 SSH 的权限.
but this also doesn't work since I don't have permission to setup passwordless SSH.
我最后的努力是尝试使用 Java 的 SSH 库,因为 Java 程序可以使用密码,并且我可以使用该密码登录(并执行正确的命令).但是由于我要在同一台主机上运行,这似乎有点矫枉过正.
My last-ditch effort is to try and use an SSH library for Java, since the password is available to the Java program and I would be able to login with that (and execute the proper command). But since I'm going to be running on the same host, it seems like overkill.
有什么建议吗?
P.S:Java版本1.4.2,无法升级;AIX UNIX 5.3.
P.S: Java version 1.4.2, can't upgrade; AIX UNIX 5.3.
推荐答案
问题解决了.使用 JSch (http://www.jcraft.com/jsch/) 通过 SSH 连接到服务器知道用户名和密码,然后执行命令.谢谢大家的建议!
Problem solved. Used JSch (http://www.jcraft.com/jsch/) to SSH into the server with known username and password, and execute command. Thanks all for your suggestions!
相关文章