I motto is to check if my id "user1" has sudo privileges on the 3000 servers. I m using sudo -l to check if I have privileges or not. If wish to check this either non-interactively; if not; interactively.
Below is the script I wrote:
newinput="server.txt"
while IFS= read -r var
do
echo " Variable is:"$var
sshpass -p mypassword ssh -t user1@$var 'echo "mypassword" | sudo -S -l; echo $?; exit'
done < "$newinput"
However; after returning non-zero for echo $? the script does not traverse through the list and checks only the first server.
Could you propose a feasible solution to the problem ?
It is a much better solutions, in my view, to run a cron script on each server and send the data back to a repository. Or at a minimum to run a cron script and to stage the data before it is "polled" from somewhere.
If you don't have control of your architecture and network systems engineering, I can't help you.
I know different systems may have different policies with respect to sudo-er lists, but would it be possible to check to see if you are in the sudo group on each system?
for h in $LIST_OF_HOSTS
do
printf "%s: %s\n" "${h}" "$(ssh ${uname}@{h} /usr/bin/groups)"
done | grep sudo
This only works for systems that put users in the sudo, group and use the sudo group in the sudoers file, which will be the default, I imagine, but a decent, security-minded sysadmin may set up an alternative policy. Having said that, I once installed a SUSE (possibly openSUSE?) system where the user needed the root password to use sudo.