Linux bash execute as root

The last line is needed since we need to press the Enter after inputting the password. As Tian suggested, it is not a good idea to send the root password in the shell script.

Take a look at this link. Apparently, you need the -s flag only. stackoverflow.com/questions/11636840/…

Embedding the root password in the script isn't a good idea, from a security point of view, this is probably why su attempts to get it initially from a terminal.

Using sudo is a better route to take, it's more flexible, you can configure it to allow only particular commands, or even certain users to run a program/script with or without using a password ( man sudo ).

@Ketan's reference is also worth reading.

I GOT ANSWER FROM here

Doing this kind of stuff is not safe or standard practice (in fact many consider it disasterous), it is really not a good idea to put a password in a script. A more standard approach would be simply to expect the whole script to be executed with root privileges, or just to have the script prompt for a password. You can also allow various commands to be run via sudo without a password by particular users by using the NOPASSWD option in /etc/suoders .

However, now that you are aware of the risks, it is possible to use sudo -kS to have sudo read the password from stdin :

Источник

Linux sudo Command – Run Commands with Root Privileges

sudo command is a special command which is used to execute normal user commands with root privileges without logging as the root user. The sudo term is the short form of the “SuperUser Do” or “substitute user do“. This is not a security problem because in order to execute commands as root the user should have already provided the required privileges in the /etc/sudoers file. If not the user can not execute commands with root privileges. The sudo command also used to run commands with different user privileges. The sudo command provides the root or superuser privileges for only the current command or application. So this means sudo provides temporary administrative rights to the current normal user.

The sudo is create in 1980 but gained popularity in 1994 with the unofficial for called “CU sudo“. Then with extra development by fixing issues, problems and integration with more Linux distributions the name changed into “sudo“.

Install sudo (sudo command not found error solution)

The sudo command is preinstalled in most of the Linux distributions and its core of the daily system adminsitration. But for different reasons it may not be installed or removed in some cases. You will get an error like “sudo command not found error”. The sudo command can be install with the package name “sudo” for the most of the Linux distributions.

Install sudo For Ubuntu, Debian, Mint, Kali:

Install sudo For Fedora, CentOS, RHEL, SUSE:

sudo Command Syntax

sudo command is used at the start of the command which means the root privielges are elevated before the execution of the command.

• PARAMETER is the sudo command parameters.
• COMMAND is the command which will be executed with root or different user privilege.

sudo Parameters

Even sudo command a lot of options or parameters the most popular options are like below.

Display sudo Command Help Information

The sudo command provides the -h option in order to list help information with available options. Alternatively the long format of the -h option which is –help can be also used to print help.

Run Command with Root Privilege

According to its syntax, the sudo command can be used to run different commands with the root privileges like below. In the following example, we will print the /etc/passwd content using the cat command. Normally the passwd file can be only read by the root user. The current user password will be asked for authentication. After successful authentication, the password will be cached and will not be asked for a short period.

The output is like below. Where every user in the system is listed with the information like loginshell, userid, home directory etc.

 [sudo] password for ismail: root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nologin sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/usr/sbin/nologin man:x:6:12:man:/var/cache/man:/usr/sbin/nologin lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin mail:x:8:8:mail:/var/mail:/usr/sbin/nologin news:x:9:9:news:/var/spool/news:/usr/sbin/nologin uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin proxy:x:13:13:proxy:/bin:/usr/sbin/nologin www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin backup:x:34:34:backup:/var/backups:/usr/sbin/nologin list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin 

Add User To Sudoers File

In order to use the sudo command the current user should be added to the sudo configuration file named /etc/sudoers . This file stores configuration about the sudo command like which user can run the sudo command and what privileges can be provided. The sudoers file can be edited in different ways like using a regular text file editor but the visudo command is provided to edit sudoers file in a more fashionable way.

For example, we can skip asking a password for every sudo command execution for the user ismail with the following line. In the following line, the user ismail can run every command as root and other users without asking a password.

ismail ALL=(ALL) NOPASSWD:ALL

In the following configuration, we will enable the passwordless execution but restrict the commands the user can run. The user can only run the /bin/mkdir and /bin/rmdir commands. The commands should be provided with their full or absolute paths.

ismail ALL=(ALL) NOPASSWD:/bin/mkdir,/bin/rmdir

We can configure the sudo permissions for a specific Linux group. In the following example we will give the admin group the sudo privileges for all commands without password.

Add User sudo/wheel Group

Running sudo command requires some privileges. In order to run sudo command the current user should have the user of the sudo or wheel groups. The sudo group is used in Debian, Ubuntu, Mint, Kali. The wheel group is used in Fedora, CentOS, RHEL and SUSE.

Add User To sudo Group:

Add User To wheel Group:

List Sudoer User Privileges and Rights

The sudo command provides the -l option in order to list current user sudoer file configuration and privileges. This will list secure paths for the current user where these paths executables can be executed securely. Also available commands for the current user listed like below.

Run Command As Different User

Even the sudo command is mainly used and popular for executing commands with root privileges it can be also used for to execute commands with different user privileges. The -u option is used to set the username as a parameter. In the following example we will execute the mkdir command with the user ali .

$ sudo -u ali mkdir /home/ali/backup

Sudo Environment Variables

As a command line or bash tool, the sudo command comes with useful environment variables. These environment variables are used to set current users and new user environments.

SUDO_ASKPASS is used to enable or disable asking password for the user.

SUDO_COMMAND is set the command executed by the sudo.

SUDO_EDITOR is the editor used to edit sudoers file which is nano in most of the cases.

SUDO_PROMPT used as the default password prompt.

SUDO_UID stores the user id of the user who invoked sudo command.

Sudo Command Examples

In this part, we will make some examples of popular use cases about the sudo command. In the following example, we will edit the index.html file with the www user privileges.

$ sudo -u www vim /var/www/html/index.html $ sudo -u www vim /var/www/html/index.php $ sudo -u www vim /var/www/html/index.cgi

In the following example, the log files about the system will be displayed. Normally these log files are only viewed by the root and admin users.

$ sudo -u adm cat /var/log/syslog

We can edit another user’s home directory content like a file. In the following example, we will change the file which is owned and stored by the ahmet home user directory.

$ sudo -u ahmet vim /home/ahmet/names.txt

The system can be shutdown using the sudo command with a normal user like below.

If you want to change a different user password and do not want to log in to this user or root you can use the sudo to change another user password like below. In the following example, the user named elif password will be changed.

Run Multiple Commands with sudo

Single sudo may run multiple commands at a single execution. This is mainly related to the bash features where a single line may contain multiple commands which are separated with the ; .

$ sudo sh -c "cd /home/ismail; mkdir backup; cd backup; touch text.txt"

Multiple commands can be also executed with different user privileges like below.

$ sudo -u ismail sh -c "cd /home/ismail; mkdir backup; cd backup; touch text.txt"

Compare su vs sudo Command

su is another command which is used to change the current user into the root or another user. It may seem the su and sudo commands are the same but they are not. sudo the command executes given commands without changing the current user sessions by just changing the command execution privileges. Where the su command directly changes the current user session into other users and you can not make operations with the previous user unless not change back to this user.

Messed Up with Sudoers File

You can edit the sudoers file in different ways. But the best way is using the visudo command which will open the sudo command with a default text editor. But if you create a regular text file and copy ass a sudoers file and if you have a typing error the sudoers file format will be corrupt and the sudoers file will not work. Please take the following suggestion into consideration when editing the sudoers file to prevent errors and malfunction.

• Do not edit sudoers file directly and use the visudo command which will check the edited sudoers file when exiting.
• If there is an error in the sudoers file and can not use the sudo command use the su command which will log in as the root user.
• If you made an error in sudoers file and can not run the sudo command and using this system as VM just shut down the system and mount the disk file and change the sudoers file.

Источник

how to run command in bash as root? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.

This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.

#!/bin/bash FILES="/var/www/html/crm/cicrm/cache/ /var/www/html/crm/cicrm/data/ /var/www/html/crm/cicrm/logs/ /var/www/html/crmtest/cicrm/cache/ /var/www/html/crmtest/cicrm/data/ /var/www/html/crmtest/cicrm/logs/" for f in $FILES do echo "processing $f" 1>&2 if [[ ! -e $f ]]; then mkdir $dir elif [[ ! -d $f ]]; then echo "$f already exists but is not a directory" 1>&2 fi done chown -R manager:phpdev /var/www/html/crm/ chown -R manager:phpdev /var/www/html/crmtest/ chown -R manager:phpdev /var/redmine/crmGit/ chown -R manager:phpdev /var/redmine/owncloudGit/ chmod -R 770 /var/redmine/crmGit/ chmod -R 770 /var/redmine/owncloudGit/ chmod -R 770 /var/www/html/crm/ chmod -R 777 /var/www/html/crm/cicrm/cache/ chmod -R 777 /var/www/html/crm/cicrm/data/ chmod -R 777 /var/www/html/crm/cicrm/logs/ chmod -R 770 /var/www/html/crmtest/ chmod -R 777 /var/www/html/crmtest/cicrm/cache/ chmod -R 777 /var/www/html/crmtest/cicrm/data/ chmod -R 777 /var/www/html/crmtest/cicrm/logs/ 

and the whole dirs is only owned by me : manager:phpdev usually when my developers update all files with git, the permission is changing to developer:developer, how my user (developer:developer) can run my script ?

Источник