主页 / coding / 问题 / 79411605
Accepted
Ayush Agarwal
Asked: 2025-02-04 19:56:55 +0800 CST

我希望我的脚本按照文件中的格式写入 $

  • 772

这是我的脚本的一部分

sudo bash -c "printf '%s\n' \
'user-test:' \
'  hash: \"$HASHED_PASSWORD\"' \
'  reserved: true' \
'  backend_roles:' \
'    - \"admin\"' \
'  description: \"admin user\"' >> /etc/opensearch/opensearch security/internal_users.yml"

$HASHED_PASSWORD‍‍‍使用usr/share/opensearch/plugins/opensearch-security/tools/hash.sh

它以这种格式生成 $2y$12$M44wSxuwYbYRUqRKf1IUAuY5jvBlh4tu5XVx7/PO6SqvPjuXzJaCK

我希望将这个精确的值写入/etc/opensearch/opensearch security/internal_users.yml文件中,但无法做到这一点,因为 $2、$12、$M 被视为变量。

实际的写法是这样的。

user-test:
  hash: "y2/PO6SqvPjuXzJaCK"
  reserved: true
  backend_roles:
    - "admin"
  description: "admin user"
bash

2 个回答

  1. 最好将其作为参数传递给你的 bash 脚本,而不是直接插入它:

    HASH='$2y$12$M44wSxuwYbYRUqRKf1IUAuY5jvBlh4tu5XVx7/PO6SqvPjuXzJaCK'
bash -c 'printf %s\\n "$1"' script "$HASH"
    • 1
  2. Best Answer

    这全是关于引用。

    我创建了一个本地文件来测试它。

    $: cat tst
#! /usr/bin/env bash
set -x
bash -c "printf '%s\n' '
user-test:
  hash: \"${1:-${HASHED_PASSWORD:?Password Not Set}}\" # arg 1st, env 2nd, else bail
  reserved: true
  backend_roles:
    - \"admin\"
  description: \"admin user\"
'"

    如果密码数据未在环境中导出或传入,则会失败。

    $: ./tst
./tst: line 3: HASHED_PASSWORD: Password Not Set

    传递它 -

    $: ./tst "$tmp"
+ bash -c 'printf '\''%s\n'\'' '\''
user-test:
  hash: "$2y$12$M44wSxuwYbYRUqRKf1IUAuY5jvBlh4tu5XVx7/PO6SqvPjuXzJaCK" # arg 1st, env 2nd, else bail
  reserved: true
  backend_roles:
    - "admin"
  description: "admin user"
'\'''

user-test:
  hash: "$2y$12$M44wSxuwYbYRUqRKf1IUAuY5jvBlh4tu5XVx7/PO6SqvPjuXzJaCK" # arg 1st, env 2nd, else bail
  reserved: true
  backend_roles:
    - "admin"
  description: "admin user"

    (是的,我在 yaml 中添加了一条解释性注释,但它也是一个 yaml 注释。)

    您可以内联设置值 -

    $: HASHED_PASSWORD='$2y$12$M44wSxuwYbYRUqRKf1IUAuY5jvBlh4tu5XVx7/PO6SqvPjuXzJaCK' ./tst
+ bash -c 'printf '\''%s\n'\'' '\''
user-test:
  hash: "$2y$12$M44wSxuwYbYRUqRKf1IUAuY5jvBlh4tu5XVx7/PO6SqvPjuXzJaCK" # arg 1st, env 2nd, else bail
  reserved: true
  backend_roles:
    - "admin"
  description: "admin user"
'\'''

user-test:
  hash: "$2y$12$M44wSxuwYbYRUqRKf1IUAuY5jvBlh4tu5XVx7/PO6SqvPjuXzJaCK" # arg 1st, env 2nd, else bail
  reserved: true
  backend_roles:
    - "admin"
  description: "admin user"

    或者导出 -

    $: export HASHED_PASSWORD='$2y$12$M44wSxuwYbYRUqRKf1IUAuY5jvBlh4tu5XVx7/PO6SqvPjuXzJaCK'
$: ./tst
+ bash -c 'printf '\''%s\n'\'' '\''
user-test:
  hash: "$2y$12$M44wSxuwYbYRUqRKf1IUAuY5jvBlh4tu5XVx7/PO6SqvPjuXzJaCK" # arg 1st, env 2nd, else bail
  reserved: true
  backend_roles:
    - "admin"
  description: "admin user"
'\'''

user-test:
  hash: "$2y$12$M44wSxuwYbYRUqRKf1IUAuY5jvBlh4tu5XVx7/PO6SqvPjuXzJaCK" # arg 1st, env 2nd, else bail
  reserved: true
  backend_roles:
    - "admin"
  description: "admin user"

    我将整个 yaml 字符串放在一组外部单引号中,并嵌入换行符以简化操作。使用它的命令放在双引号中,这样单引号就只是字符串中的数据,并且它是双引号插入的,因此 var作为数据进入,不会重新插入。所有这些都传递给bash -c,所以它可以正常工作。

    因人而异。

    • 1

相关问题