Bash action on linux - command runs fine local but not as bigfix action

Content Authoring
1

I can run the following script locally and works fine

echo "HOST,UserName,IsDiabled,PassLastSet" >/opt/BESClient/bin/ciplinux.csv ; for user in $(cut -f'1' -d':' /etc/passwd); do echo "hostname,sudo passwd -S $user"; done | sed 's/ /,/g' | cut -f1-4 -d',' | sed 's/LK/DISABLED/' | sed 's/PS/ENABLED/' >> /opt/BESClient/bin/ciplinux.csv

output in file

HOST,UserName,IsDiabled,PassLastSet
IEMLinux.localdomain,root,ENABLED,2014-03-31
IEMLinux.localdomain,bin,DISABLED,2012-03-22

But when I run this within Bigfix action command below I am missing everything but the host name
output in file

HOST,UserName,IsDiabled,PassLastSet
IEMLinux.localdomain,
IEMLinux.localdomain,

bigfix action

// Enter your action script here
//ADD CODE HERE TO CREATE "CIPcombinedaccounts.csv" FILES.
delete __appendfile
if {name of operating system contains "inux"}
appendfile #!/bin/sh
appendfile echo "HOST,UserName,IsDiabled,PassLastSet" >/opt/BESClient/bin/ciplinux.csv ; for user in $(cut -f'1' -d':' /etc/passwd); do echo "`hostname`,`sudo passwd -S $user`"; done |  sed 's/ /,/g' | cut -f1-4 -d',' | sed 's/LK/DISABLED/' | sed 's/PS/ENABLED/' >> /opt/BESClient/bin/ciplinux.csv
delete "hostname.sh"
delete "{pathname of parent folder of client}/ciplinux.csv"
move __appendfile "hostname.sh"
wait chmod +x hostname.sh
wait ./hostname.sh
endif
2

from the agent log file

At 13:32:58 -0700 - actionsite (http://itemserver.training.tivoli.edu:52311/cgi-bin/bfgather.exe/actionsite)
   Command succeeded delete No '/var/opt/BESClient/__BESData/CustomSite_NERC_CIP_V5/__appendfile' exists to delete, no failure reported (action:4953)
   Command succeeded appendfile #!/bin/sh (action:4953)
   Command succeeded (file created) appendfile #!/bin/sh (action:4953)
   Command succeeded appendfile #!/bin/sh (action:4953)
   Command succeeded appendfile echo "HOST,UserName,IsDiabled,PassLastSet" >/opt/BESClient/bin/ciplinux.csv ; for user in $(cut -f'1' -d':' /etc/passwd); do echo "`hostname`,`sudo passwd -S $user`"; done |  sed 's/ /,/g' | cut -f1-4 -d',' | sed 's/LK/DISABLED/' | sed 's/PS/ENABLED/' >> /opt/BESClient/bin/ciplinux.csv (action:4953)
   Command succeeded delete "hostname.sh" (action:4953)
   Command succeeded delete "/opt/BESClient/bin/ciplinux.csv" (action:4953)
   Command succeeded move __appendfile "hostname.sh" (action:4953)
   Command started - wait chmod +x hostname.sh (action:4953)
   Command succeeded (Exit Code=0) wait chmod +x hostname.sh (action:4953)
   Command started - wait ./hostname.sh (action:4953)
   Command succeeded (Exit Code=0) wait ./hostname.sh (action:4953)
At 13:32:58 -0700 - 
   ActionLogMessage: (action:4953) ending action
At 13:32:58 -0700 - mailboxsite (http://itemserver.training.tivoli.edu:52311/cgi-bin/bfgather.exe/mailboxsite3479269)
   Not Relevant - Custom linux account testing (fixlet:4953)
3

I expect the ‘sudo’ command may be interrupting the script, perhaps by opening a new shell. Since the BigFix client is already running as root, you may be able to execute the command without sudo.

1 Like
4

I agree with @JasonWalker and I would recommend trying it without sudo.

Also, what is your desired result, and what does it represent?

It is very possible that you could get this entirely with relevance without the need to run this at all, and if so, that is what I would recommend.

5

The agent is running with enough privilege so you don’t need to use sudo.
Also be aware that the agent’s environment is not the same as when you login with a shell.
Check to see if this is an issue.

related posts

6

Thanks for pointing out “sudo” as that was the cause of the issue. I over looked that this as the agent does run as root. Thanks for the additional education tips which are always much appreciated. As always everyone’s support is what also makes BigFix so great. Your always there. Have a great memorial weekend.

1 Like
7

Thanks for pointing this out as this is important to know. This was very useful information.