Using expect with other custom functions

dassv · January 31, 2012, 7:42am

Hi All,

I am trying to use expect command in my shell script and it works fine if I have only expect. To it if I add a custom function which calls a PL/SQL procedure the shell errors saying

invalid command name "File_Entry()"
    while executing
"File_Entry()"

In the script the first line I have is

#!/opt/sfw/bin/expect -f

(the path where I have my expect utility)
If I remove this the script errors at my expect lines.

File_Entry is a custom function added to make an entry of the file transferred into a table. Like wise I will be doing few more activities by calling few more custom functions before and after sftp. The sftp script will be spwaned in the script as

proc connect {FTPPWD} {
  expect {
    "Password:" {
      send "$FTPPWD\r"
        expect {
          "sftp*" {
            return 0
          }
        }
    }
  }
  # timed out
  return 1
}

file_entry()
{
....
}

spawn sftp $FTPUSER@$FTPSERERVER 
set ftpstat [connect $FTPPWD]
if { $ftpstat == 0 } {
  send "cd $filepath\r"
  set timeout -1
  send "mget *abc.csv\r"
  send "quit\r"
  expect eof
  exit 0
}

How to over come this error and make the script to execute both my expect as well the custom function :wall:

Thanks in advance

Corona688 · January 31, 2012, 11:20am

Why are you using expect when you don't even need to bruteforce a password into something? Just use shell so you can use the command as designed, and it'll work much easier -- no expect histrionics at all. It gets what you type, period.

#!/bin/sh

sftp username@host <<EOF
cd $filepath
mget *abc.csv
quit
EOF

If you were using sftp to bruteforce the password into it, sftp designed to prevent you from using stored plaintext passwords for a reason -- that's why you need a third-party brute-forcing utility like expect to even attempt to input passwords in such an insecure way. "interactive password authentication" is supposed to mean "password typed by a human in realtime authentication" and nothing else will do.

You can save yourself a lot of trouble by using noninteractive sftp authentication as it was intended -- keys. You can find "passwordless ssh" tutorials all over the internet that will have the same effect on sftp. Then you can just log in without a password or any expect-based histrionics, and don't need to store your password in any manner for everyone to see.

dassv · February 1, 2012, 4:23am

thanks for your input Corona688.
I had tried earlier genrating public-private key and placed the public key in the remote server to which I connect. When I run the shell script as a concurrent program (from oracle apps) I get the following error

 
ssh_askpass: exec(/usr/lib/ssh/ssh-askpass): No such file or directory
Write failed: Broken pipe
Connection closed

So I was looking for passing the password and get connected to the remote server

Corona688 · February 1, 2012, 9:06am

The key needs to belong to the same user ssh is being run under and be stored in a manner that only they can access it. In other words, a copy of the key that belongs to the user you're running it under with Oracle, with the same permissions otherwise. And tell it how to get to the key with -i.

Sledgehammering in a password in an insecure manner with a third-party brute-forcing utility is not the answer.

dassv · February 2, 2012, 12:24am

Thanks Corona, I have raised the request to the unix team to do the configuration. Will check it after they do the settings