11

I would like to do something like that:

sudo -p password rm /a/file

Can I put the password and the user on the same line?

My Sudo version is 1.8.9p5

Jakob Lenfers
  • 727
adamista
  • 213
  • are you trying to run something under sudo as root, or trying to change root's password? – Jeff Schaller Apr 10 '16 at 16:00
  • I'm trying to run something under sudo as root – adamista Apr 10 '16 at 16:01
  • you're aware that the pasword prompt from sudo is for your password, not root's? (It may be the same, but they are separate passwords). Also, sudo's default runas user is root (and the syntax would be 'sudo -u root'...) – Jeff Schaller Apr 10 '16 at 16:04
  • Yes, but How can I change the user to root specifying the user's password in the same line? – adamista Apr 10 '16 at 16:10

3 Answers3

16

sudo does not have an option to specify the password, but you can still do the authentication on the command line, like this:

echo password | sudo -u root --stdin

or just

echo password | sudo -S

referring to the sudo manual page:

-S, --stdin
Write the prompt to the standard error and read the password from the standard input instead of using the terminal device. The password must be followed by a newline character.

and

-u user, --user= user
Run the command as a user other than the default target user (usually root). The user may be either a user name or a numeric user ID (UID) prefixed with the ‘#’ character (e.g. #0 for UID 0). When running commands as a UID, many shells require that the ‘#’ be escaped with a backslash (‘\’). Some security policies may restrict UIDs to those listed in the password database. The sudoers policy allows UIDs that are not in the password database as long as the targetpw option is not set. Other security policies may not support this.

But sudo has been under development a long time. Check the version:

-V, --version
Print the sudo version string as well as the version string of the security policy plugin and any I/O plugins. If the invoking user is already root the -V option will display the arguments passed to configure when sudo was built and plugins may display more verbose information such as default options.

The support for long options was added in 2013.

Besides authenticating, you need something for sudo to do, e.g., a command. I often check that it is working by doing just

sudo id

which should show the root user, e.g.,

uid=0(root) gid=0(root) groups=0(root)
Thomas Dickey
  • 76,765
  • If I do this the standard input put: usage: sudo -h | -K | -k | -V usage: sudo -v [-AknS] [-g group] [-h host] [-p prompt] [-u user] usage: sudo -l [-AknS] [-g group] [-h host] [-p prompt] [-U user] [-u user] [command] usage: sudo [-AbEHknPS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p prompt] [-u user] [VAR=value] [-i|-s] [] usage: sudo -e [-AknS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p prompt] [-u user] file ... – adamista Apr 10 '16 at 15:54
  • There's more than one version of sudo - – Thomas Dickey Apr 10 '16 at 15:56
  • How can I know my version? – adamista Apr 10 '16 at 16:00
  • My sudo version is: 1.8.9p5 – adamista Apr 10 '16 at 16:11
  • I can with the first option but specifying a command al the end. Thanks :D – adamista Apr 10 '16 at 16:40
  • 1
    This doesn't work on Ubuntu 16.04 – user10089632 Apr 12 '18 at 19:07
3

While OP might have a good reason for wanting to do exactly this, it usually is a bad idea (password can be read by ps, and so on) and I wanted to provide a more secure alternative.

A better solution if you want to run something with sudo without putting in your password is to allow your user to do exactly that one command without password.

Open sudoers file with sudo visudo and add the following line (obviously replace the username at the beginning and the command at the end):

alice ALL = NOPASSWD: /full/path/to/command

This is explained more here: https://askubuntu.com/a/39294

Community
  • 1
Jakob Lenfers
  • 727
-1

In many situation you wouldn't want to pipe the password, but to keep sudo credentials refreshed:

refreshPermissions () {
    local pid="${1}"

while kill -0 "${pid}" 2> /dev/null; do
    sudo -v
    sleep 10
done



}


sudo -v
refreshPermissions "$$" &

Then if a command needs root permissions within your program just do:

sudo [command]

And no password will be requested.

Alberto Salvia Novella
  • 311
  • 2
    This doesn’t really help for the first sudo run... And if you’re going to work around the sudo timeout like this, you might as well reconfigure sudo not to have a timeout in the first place. – Stephen Kitt Feb 15 '21 at 14:04