Automating the "sudo su - user" command
Solution 1
I will try and guess what you asked.
If you want to use sudo su - user
without a password, you should (if you have the privileges) do the following on you sudoers file:
<youuser> ALL = NOPASSWD: /bin/su - <otheruser>
where:
<yourusername>
is you username :D (saumun89, i.e.)<otheruser>
is the user you want to change to
Then put into the script:
sudo /bin/su - <otheruser>
Doing just this, won't get subsequent commands get run by <otheruser>
, it will spawn a new shell. If you want to run another command from within the script as this other user, you should use something like:
sudo -u <otheruser> <command>
And in sudoers file:
<yourusername> ALL = (<otheruser>) NOPASSWD: <command>
Obviously, a more generic line like:
<yourusername> ALL = (ALL) NOPASSWD: ALL
Will get things done, but would grant the permission to do anything as anyone.
Solution 2
You can use command
echo "your_password" | sudo -S [rest of your parameters for sudo]
(Of course without [ and ])
Please note that you should protect your script from read access from unauthorized users. If you want to read password from separate file, you can use
sudo -S [rest of your parameters for sudo] < /etc/sudo_password_file
(Or whatever is the name of password file, containing password and single line break.)
From sudo man page:
-S The -S (stdin) option causes sudo to read the password from
the standard input instead of the terminal device. The
password must be followed by a newline character.
Solution 3
When you login into a shell session via putty or moba where you have stored the login credentials for a non root account, simply add this command to be executed upon login in by putty or moba and it will switch your access to root right away.
echo "PASSWORD" | sudo -S su - && sudo su
Solution 4
The easiest way is to make it so that user doesn't have to type a password at all.
You can do that by running visudo
, then changing the line that looks like:
someuser ALL=(ALL) ALL
to
someuser ALL=(ALL) NOPASSWD: ALL
However if it's just for one script, it would be more secure to restrict passwordless access to only that script, and remove the (ALL)
, so they can only run it as root, not any user , e.g.
Cmnd_Alias THESCRIPT = /usr/local/bin/scriptname
someuser ALL=NOPASSWD: THESCRIPT
Run man 5 sudoers
to see all the details in the sudoers man page.
Related videos on Youtube
sam
Updated on September 17, 2022Comments
-
sam over 1 year
I want to automate
sudo su - user
from a script. It should then ask for a password.
-
user1686 over 13 yearsDon't
sudo su - user
, usesudo -iu user
instead. (Easier to manage throughsudoers
, by the way.) -
JJ_Australia over 13 yearsHow are you able to run
sudo su
without being able to runsudo visudo
?
-
-
Torian over 13 yearsyou are out of luck ... you could do this with, lets say
expect
but that would let the password for your user hardcoded somewhere, where people could see it (granted that you setup permissions the right way, it could still be read by root). -
Nethan over 13 yearsTry using
expect
.man expect
for details. -
sam over 13 yearswhen the sudo su - user command gets executed,it asks for a password. i want a solution in which script automaticaaly reads password from somewhere. i dont have permission to do what u told earlier.
-
sam over 13 yearswhen the sudo su - user command gets executed,it asks for a password. i want a solution in which script automaticaaly reads password from somewhere. i dont have permission to edit sudoers file.i have the permission to store password in a file.the script should read password from that file
-
sam over 13 yearsi have the permission to store password in a file. the script should read password from that file
-
AlexandruC over 9 yearsThis actually works for me.
-
Oscar Foley over 8 yearsThis is brilliant
-
peterh over 4 yearsWelcome on the site! Please explain, how does it work.
-
Andy over 4 yearsWhen you login into a shell session via putty or moba where you have stored the login credentials for a non root account, simply add this command to be executed upon login in by putty or moba and it will switch your access to root right away.
-
peterh over 4 yearsNot in a comment, insert it into your answers. Comments are "secondary citizens", they are only for clarifications and so. The answer has to be a round thing, comprehensible even if all the comments are deleted.
-
Andy over 4 yearsSorry - thx for the clarification ;)