1

I'm trying to write a shell script so that when I reinstall my Ubuntu again. I could just run script and retain all the packages. And I'm planning to pass password in form of argument.

My question here is how can i enter into sudo domain without manually entering password. As I'm also planning to design a UI where it can't access the terminal there.

Ex:

./recover.sh password
Pavan
  • 131
  • If you're in a recovery zone you may not even have sudo. Have you considered just using backup tools that provide bare-metal restore? – Chris Davies Apr 30 '16 at 20:37
  • No actually I'm trying to build myself a recovery tool. – Pavan Apr 30 '16 at 20:38
  • Just eager if its possible! – Pavan Apr 30 '16 at 20:39
  • You can configure sudo to avoid requiring a password (read up on the NOPASSWD attribute). But if you're in a recovery zone then I don't see how you would have the modified configuration file necessary for this to happen - you'd need to be root to change the configuration file, in which case you might as well run the entire script as root and avoid sudo entirely. – Chris Davies Apr 30 '16 at 20:43
  • I got the answer echo password | sudo ./recover.sh – Pavan Apr 30 '16 at 20:47
  • this ll let us pass the password through argv – Pavan Apr 30 '16 at 20:47
  • @Pavan If you found a solution you can just post it as an answer an accept it (although piping the password to sudo like that definitely doesn't work) – Michael Mrozek Apr 30 '16 at 22:08
  • @John have you tried this and do you find it works (test with the id command to see which uid is running your code) – Chris Davies May 01 '16 at 18:47
  • @John do you find setuid scripts work? – Chris Davies May 01 '16 at 20:14

2 Answers2

2

You can use...

echo password | sudo -S recover.sh

Password being your sudo password.

From sudo manpage..

-S, --stdin Write the prompt to the standard error and read the password from the standard input instead of using the terminal device.

And second method is 

sudo -S <<< password apt-get install pkg_name
Pavan
  • 131
1

If you don't want to enter password manually you use -A option of sudo

 -A, --askpass
             Normally, if sudo requires a password, it will read it from the user's
             terminal.  If the -A (askpass) option is specified, a (possibly graphi‐
             cal) helper program is executed to read the user's password and output
             the password to the standard output.  If the SUDO_ASKPASS environment
             variable is set, it specifies the path to the helper program.

How to use it?

  1. make a file which will contain your password (unencrypted):

    cat .pass
#!/bin/bash
echo password

  2. Now set it permissions to only executable by only you:

    chmod u=x,go= .pass

  3. now the actual usage

    SUDO_ASKPASS="~/.pass" sudo -A <command>

This way you can run any command as root without entering password

I wouldn't recommend you to store your password unencrypted on your computer, it is very unsafe.

Alex Jones
  • 6,353