[clug] Problem with sudo

Alex Satrapa grail at goldweb.com.au
Thu Jul 7 01:19:39 MDT 2011

On 06/07/2011, at 15:05 , steve jenkin wrote:

> I've read the sudoers man page on my local machine [going to be a
> different version to yours] and sudoers supports two quoting mechanisms:
> - \x [as you found]
> - "..." [double quotes]

The shell strips quotes, and attempts to evade that end up with sudo passing the quotes into asterisk. Thus instead of running the command 'sip reload', the script tries to run the command '"sip reload"', to which asterisk responds by stating that there is no such command '"sip'. Using the backslash-escape mechanism means the shell doesn't interfere, SSH doesn't interfere, and Asterisk doesn't complain.

> The good news for you with PERL doing an exec, is that, IIRC, it uses
> the "system()" call, which doesn't "exec()" directly, but calls the
> default shell to expand the string then exec it.

There are two ways to invoke system():

system("sudo asterisk -rx 'sip reload'"); # Invokes a shell, passes the entire string to the shell


system("sudo", "asterisk", "-rx", "sip reload"); # Invokes exec directly, parameters are passed as-is

Nothing against shells, but sometimes they really do get in the way when they're trying to be too helpful. I have plenty of experience with the vagaries of shell escaping, since I have been using spaces in file and directory names since I started using Unix. Yeah, I'm one of those guys who quickly learned about the '-0' option to xargs and '-print0' for find :)

Thanks for all the responses folks, hopefully this thread will be useful to someone in the future.


More information about the linux mailing list