bBox_Shell command on FM Server error with sudo

[gczychi]

Hi,

I'm running bBox_Shell commands (from Beezwax plug-in https://www.beezwax.net/products/bbox/wiki/main) which is running on a FileMaker Server 17 (with Perform Script on Server). bBox_Shell itself runs fine, but whenever I try to do a sudo to another user, bBox_shell returns a question mark "?" instead of the expected result (see examples below). The exact same shell commands run perfectly fine in an interactive shell.

In order for sudo to work for the fmserver user, I added the following to the sudoers file:
Defaults:fmserver targetpw, timestamp_timeout=0, passwd_tries=1
Host_Alias FMSHOST = mms.local
fmserver    ALL = (ALL) ALL
fmserver FMSHOST = (ALL) /Library/FileMaker\ Server/*, /bin/kill

As I said, in an interactive shell everything works fine:

mac:~ admin$ whoami
admin
mac:~ admin$ echo -n "password" | sudo -S -u fmserver -s whoami
fmserver
mac:~ admin$ sudo -su fmserver
bash-3.2$ whoami
fmserver
bash-3.2$ sudo -u admin -s whoami
admin
bash-3.2$ whoami
fmserver
bash-3.2$ echo -n "password" | sudo -S -u admin -s whoami
admin
bash-3.2$ echo -n "password" | sudo -S -u admin -s ssh [email protected] "mysql -uroot -ppassword -e 'USE mydb; SHOW TABLES;'"
Tables_in_mydb
...

When I issue the exact same commands using bBox (on FMS using Perform Script on Server), I get the following results:
bBox_Shell ( 0 ; "whoami")
fmserver
bBox_Shell ( 0 ; "echo -n \"password\" | sudo -S -u admin -s whoami")
?

Why does bBox differ from the interactive shell? What am I missing? Thanks a lot for any insight!

 

[maxwellk2]

@gczychi, did you ever sort this out? I'm having the exact same issue with BaseElements BE_ExecuteSystemCommand. I've tried every permutation, been at it so many hours I'm starting to wonder whoiam.

Aside from the "?",I have been able to get BE_ExecuteSystemCommand to respond with...

Password:Sorry, try again.
Password:
sudo: no password was provided
sudo: 1 incorrect password attempt

...it doesn't seem to be actually echoing the password, I think its just pushing the whole command into the password prompt.

[gczychi]

No, I still didn't find a solution yet.

However, there might be another approach:  If you install FMS on an existing user account, it should work, you probably won’t need sudo.

The only problem is that this user needs to be in the daemon group and I don’t know how to do it.

I’ll post when I find a solution.

[gczychi]

OK, I have finally found the solution! You need to create a new Mac user that is in the daemon group:

1) Open Terminal window and invoke su

sudo su

2) Paste the following commands to create user «fms» in the group «daemon»:

dscl . -create /Users/fms
dscl . -create /Users/fms UserShell /bin/bash
dscl . -create /Users/fms RealName "FileMaker Server User"
dscl . -create /Users/fms UniqueID "510"
dscl . -create /Users/fms PrimaryGroupID 1
dscl . -create /Users/fms NFSHomeDirectory /Local/Users/fms
dseditgroup -o edit -a fms -t user daemon

3) Check if the user has been created (still sudoer)

dscl . -list /Users

4) Add the new user fms to the sudoers file by inserting the following line (still being a sudoer).

visudo

5) Add this line. The editor is vi -- you can insert the line with "i", then <esc> and then write "w" and quit "q" vi.

fms ALL=(ALL) NOPASSWD:ALL

6) Now, give the new user a password using the Mac System Preferences (or System Settings, depending on your OS)

7) Finally, the FileMaker Server software can be installed. Use the newly created user for that.

8 ) In FileMaker server, install the necessary plugins.

 

Hope this helps