0

I have a bash script that include "npm start" , and i run this bash from a telegram API remotely, normally does not work. but if i just login to the root user in console of my debian-stretch , that API does work ! so where is my problem ? thanks

this code is in bash :

#!/bin/bash
screen -dm sudo npm start --prefix /root/gbot/
Nima Zand
  • 1
  • 3

1 Answers1

0

I didn't use Telegram API before. However I think you are facing the problem of root permission.

Running from a remote API may not use a root user (which seems can lead to a vulnerability problem). Then if you execute a command that needs sudo, it will ask you to input the root password to temporary gain a root privilege. However, if you are using a remote API, you may not have a way to input this root password, which leds you not able to get a root privilege, then you have no permission to run anything related to sudo.

To solve this, you may use command expect to automatically send the root password to the process of asking the password. However this may leads to a vulnerability.

A better solution may be changing the privilege (chmod) of this npm repo, or move it to some place where is more safety and don't need a too high privilege (may use chmod too).

Geno Chen
  • 4,916
  • 6
  • 21
  • 39
  • I really appreciate your help in resolving the problem. i have many bash like this with "sudo" that work remotely , but this is my first "npm" , i think the problem is in npm reference, or installation address. that do not recognize the npm. – Nima Zand Jul 04 '18 at 21:07
  • @NimaZandKarimi Could you try to output the error stream to see why it is "does not work"? – Geno Chen Jul 04 '18 at 23:26
  • i use this method and don't get any things : screen -dm sudo npm start --prefix /root/gbot/ 2> bot6.log 1> bot7.log 3> bot8.log – Nima Zand Jul 05 '18 at 15:16