我需要从C#.NET应用程序中使用tomcat用户运行shell脚本(tomcat的关闭脚本)。
我尝试使用WinSCP .NET程序集。我可以通过DirectoryServiceSpecs userServiceSpecs = new DirectoryServiceSpecs()
{
CertificateFilePath = Path.GetDirectoryName(Application.ExecutablePath) + "\\Certificates\\" + gappsSchool.CertificateFile,
PrivateKey = gappsSchool.PrivateKey,
ServiceAccountId = gappsSchool.ServiceAccountId,
ServiceAccountUser = gappsSchool.ServiceAccountUser,
Domain = gappsSchool.EmailDomain,
ServiceScope = DirectoryService.Scopes.AdminDirectoryUser.GetStringValue()
};
DirectoryServiceClient userServiceClient = new DirectoryServiceClient(userServiceSpecs);
User user = new User();
user.Name = new UserName();
if (userNames.Length > 1)
{
user.Name.FamilyName = lmsUser.Name.Replace(userNames[0], "").Trim();
user.Name.GivenName = userNames[0];
}
else
{
user.Name.FamilyName = "N.A.";
user.Name.GivenName = userNames[0];
}
user.Name.FullName = lmsUser.Name;
user.Password = lmsUser.Password;
user.PrimaryEmail = lmsUser.EmailAccount + "@" + gappsSchool.EmailDomain;
if (Properties.Settings.Default.LMSPasswardHashAlgorithm.Trim() != string.Empty)
user.HashFunction = "MD5";
user = userServiceClient.CreateUser(user);
trackEntries.Add(new TrackEntry()
{
EmailAccount = lmsUser.EmailAccount,
SchoolName = gappsSchool.Name,
Status = "Success",
Error = ""
});
log.Info("Successfully created user \"" + lmsUser.EmailAccount + "\" (" + lmsUser.Id.ToString() + ", " + gappsSchool.Name + ").");
userServiceClient.CreateUser(user);
登录并运行命令。
但是如何使用我用于登录SSH服务器的相同密码首先运行ssh?
安全的解决方案会很棒(日志文件或bash历史记录中没有密码)!
也许是其他任何解决方案而不是WinSCP .NET程序集?
答案 0 :(得分:0)
sudo / su不可自动化。有充分的理由。
所以任何解决方案都将是一个肮脏且不可靠的黑客。
如果您需要允许自动运行某些命令,请允许它在sudoers中没有密码的情况下运行。这是正确而透明的解决方案。