- How to login as root from Bash and do stuff
- Add User To Sudoers File
- Add User sudo/wheel Group
- List Sudoer User Privileges and Rights
- Run Command As Different User
- Sudo Environment Variables
- Sudo Command Examples
- Run Multiple Commands with sudo
- Compare su vs sudo Command
- Messed Up with Sudoers File
- how to run command in bash as root? [closed]
How to login as root from Bash and do stuff
You can pipe the password and send it in the command inside the script.
But it is not a good idea to send the password in the command line. If you need more information on how to login as root from the script, you can look at the answer provided here.
However, if it is for experimental purposes, we can use the expect to enter the password from command line. The script needs be modified like below.
#!/usr/bin/expect -f spawn sudo -s
The last line is needed since we need to press the Enter after inputting the password. As Tian suggested, it is not a good idea to send the root password in the shell script.
Take a look at this link. Apparently, you need the -s flag only. stackoverflow.com/questions/11636840/…
Embedding the root password in the script isn't a good idea, from a security point of view, this is probably why su attempts to get it initially from a terminal.
Using sudo is a better route to take, it's more flexible, you can configure it to allow only particular commands, or even certain users to run a program/script with or without using a password ( man sudo ).
@Ketan's reference is also worth reading.
I GOT ANSWER FROM here
Doing this kind of stuff is not safe or standard practice (in fact many consider it disasterous), it is really not a good idea to put a password in a script. A more standard approach would be simply to expect the whole script to be executed with root privileges, or just to have the script prompt for a password. You can also allow various commands to be run via sudo without a password by particular users by using the NOPASSWD option in /etc/suoders .
However, now that you are aware of the risks, it is possible to use sudo -kS to have sudo read the password from stdin :
Linux sudo Command – Run Commands with Root Privileges
sudo command is a special command which is used to execute normal user commands with root privileges without logging as the root user. The sudo term is the short form of the “SuperUser Do” or “substitute user do“. This is not a security problem because in order to execute commands as root the user should have already provided the required privileges in the /etc/sudoers file. If not the user can not execute commands with root privileges. The sudo command also used to run commands with different user privileges. The sudo command provides the root or superuser privileges for only the current command or application. So this means sudo provides temporary administrative rights to the current normal user.
The sudo is create in 1980 but gained popularity in 1994 with the unofficial for called “CU sudo“. Then with extra development by fixing issues, problems and integration with more Linux distributions the name changed into “sudo“.
Install sudo (sudo command not found error solution)
The sudo command is preinstalled in most of the Linux distributions and its core of the daily system adminsitration. But for different reasons it may not be installed or removed in some cases. You will get an error like “sudo command not found error”. The sudo command can be install with the package name “sudo” for the most of the Linux distributions.
Install sudo For Ubuntu, Debian, Mint, Kali:
Install sudo For Fedora, CentOS, RHEL, SUSE:
sudo Command Syntax
sudo command is used at the start of the command which means the root privielges are elevated before the execution of the command.
- PARAMETER is the sudo command parameters.
- COMMAND is the command which will be executed with root or different user privilege.
sudo Parameters
Even sudo command a lot of options or parameters the most popular options are like below.
PARAMETER | DESCRIPTION |
---|---|
-b | Run command background |
-E | Preserve the environment |
-h | Display help information |
-l | List allowed commands |
-n | Run non-interactive |
-s | Run specified shell environment |
-u | Run with specified user privileges other than root |
-V | Print verbose or debug output |
Display sudo Command Help Information
The sudo command provides the -h option in order to list help information with available options. Alternatively the long format of the -h option which is –help can be also used to print help.
Run Command with Root Privilege
According to its syntax, the sudo command can be used to run different commands with the root privileges like below. In the following example, we will print the /etc/passwd content using the cat command. Normally the passwd file can be only read by the root user. The current user password will be asked for authentication. After successful authentication, the password will be cached and will not be asked for a short period.
The output is like below. Where every user in the system is listed with the information like loginshell, userid, home directory etc.
[sudo] password for ismail: root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nologin sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/usr/sbin/nologin man:x:6:12:man:/var/cache/man:/usr/sbin/nologin lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin mail:x:8:8:mail:/var/mail:/usr/sbin/nologin news:x:9:9:news:/var/spool/news:/usr/sbin/nologin uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin proxy:x:13:13:proxy:/bin:/usr/sbin/nologin www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin backup:x:34:34:backup:/var/backups:/usr/sbin/nologin list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
Add User To Sudoers File
In order to use the sudo command the current user should be added to the sudo configuration file named /etc/sudoers . This file stores configuration about the sudo command like which user can run the sudo command and what privileges can be provided. The sudoers file can be edited in different ways like using a regular text file editor but the visudo command is provided to edit sudoers file in a more fashionable way.
For example, we can skip asking a password for every sudo command execution for the user ismail with the following line. In the following line, the user ismail can run every command as root and other users without asking a password.
ismail ALL=(ALL) NOPASSWD:ALL
In the following configuration, we will enable the passwordless execution but restrict the commands the user can run. The user can only run the /bin/mkdir and /bin/rmdir commands. The commands should be provided with their full or absolute paths.
ismail ALL=(ALL) NOPASSWD:/bin/mkdir,/bin/rmdir
We can configure the sudo permissions for a specific Linux group. In the following example we will give the admin group the sudo privileges for all commands without password.
Add User sudo/wheel Group
Running sudo command requires some privileges. In order to run sudo command the current user should have the user of the sudo or wheel groups. The sudo group is used in Debian, Ubuntu, Mint, Kali. The wheel group is used in Fedora, CentOS, RHEL and SUSE.
Add User To sudo Group:
Add User To wheel Group:
List Sudoer User Privileges and Rights
The sudo command provides the -l option in order to list current user sudoer file configuration and privileges. This will list secure paths for the current user where these paths executables can be executed securely. Also available commands for the current user listed like below.
Run Command As Different User
Even the sudo command is mainly used and popular for executing commands with root privileges it can be also used for to execute commands with different user privileges. The -u option is used to set the username as a parameter. In the following example we will execute the mkdir command with the user ali .
$ sudo -u ali mkdir /home/ali/backup
Sudo Environment Variables
As a command line or bash tool, the sudo command comes with useful environment variables. These environment variables are used to set current users and new user environments.
SUDO_ASKPASS is used to enable or disable asking password for the user.
SUDO_COMMAND is set the command executed by the sudo.
SUDO_EDITOR is the editor used to edit sudoers file which is nano in most of the cases.
SUDO_PROMPT used as the default password prompt.
SUDO_UID stores the user id of the user who invoked sudo command.
Sudo Command Examples
In this part, we will make some examples of popular use cases about the sudo command. In the following example, we will edit the index.html file with the www user privileges.
$ sudo -u www vim /var/www/html/index.html $ sudo -u www vim /var/www/html/index.php $ sudo -u www vim /var/www/html/index.cgi
In the following example, the log files about the system will be displayed. Normally these log files are only viewed by the root and admin users.
$ sudo -u adm cat /var/log/syslog
We can edit another user’s home directory content like a file. In the following example, we will change the file which is owned and stored by the ahmet home user directory.
$ sudo -u ahmet vim /home/ahmet/names.txt
The system can be shutdown using the sudo command with a normal user like below.
If you want to change a different user password and do not want to log in to this user or root you can use the sudo to change another user password like below. In the following example, the user named elif password will be changed.
Run Multiple Commands with sudo
Single sudo may run multiple commands at a single execution. This is mainly related to the bash features where a single line may contain multiple commands which are separated with the ; .
$ sudo sh -c "cd /home/ismail; mkdir backup; cd backup; touch text.txt"
Multiple commands can be also executed with different user privileges like below.
$ sudo -u ismail sh -c "cd /home/ismail; mkdir backup; cd backup; touch text.txt"
Compare su vs sudo Command
su is another command which is used to change the current user into the root or another user. It may seem the su and sudo commands are the same but they are not. sudo the command executes given commands without changing the current user sessions by just changing the command execution privileges. Where the su command directly changes the current user session into other users and you can not make operations with the previous user unless not change back to this user.
Messed Up with Sudoers File
You can edit the sudoers file in different ways. But the best way is using the visudo command which will open the sudo command with a default text editor. But if you create a regular text file and copy ass a sudoers file and if you have a typing error the sudoers file format will be corrupt and the sudoers file will not work. Please take the following suggestion into consideration when editing the sudoers file to prevent errors and malfunction.
- Do not edit sudoers file directly and use the visudo command which will check the edited sudoers file when exiting.
- If there is an error in the sudoers file and can not use the sudo command use the su command which will log in as the root user.
- If you made an error in sudoers file and can not run the sudo command and using this system as VM just shut down the system and mount the disk file and change the sudoers file.
how to run command in bash as root? [closed]
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
#!/bin/bash FILES="/var/www/html/crm/cicrm/cache/ /var/www/html/crm/cicrm/data/ /var/www/html/crm/cicrm/logs/ /var/www/html/crmtest/cicrm/cache/ /var/www/html/crmtest/cicrm/data/ /var/www/html/crmtest/cicrm/logs/" for f in $FILES do echo "processing $f" 1>&2 if [[ ! -e $f ]]; then mkdir $dir elif [[ ! -d $f ]]; then echo "$f already exists but is not a directory" 1>&2 fi done chown -R manager:phpdev /var/www/html/crm/ chown -R manager:phpdev /var/www/html/crmtest/ chown -R manager:phpdev /var/redmine/crmGit/ chown -R manager:phpdev /var/redmine/owncloudGit/ chmod -R 770 /var/redmine/crmGit/ chmod -R 770 /var/redmine/owncloudGit/ chmod -R 770 /var/www/html/crm/ chmod -R 777 /var/www/html/crm/cicrm/cache/ chmod -R 777 /var/www/html/crm/cicrm/data/ chmod -R 777 /var/www/html/crm/cicrm/logs/ chmod -R 770 /var/www/html/crmtest/ chmod -R 777 /var/www/html/crmtest/cicrm/cache/ chmod -R 777 /var/www/html/crmtest/cicrm/data/ chmod -R 777 /var/www/html/crmtest/cicrm/logs/
and the whole dirs is only owned by me : manager:phpdev usually when my developers update all files with git, the permission is changing to developer:developer, how my user (developer:developer) can run my script ?