How to login as root from Bash and do stuff
Solution 1
You can pipe the password and send it in the command inside the script.
echo "password" | sudo -S
But it is not a good idea to send the password in the command line. If you need more information on how to login as root from the script, you can look at the answer provided here.
However, if it is for experimental purposes, we can use the expect to enter the password from command line. The script needs be modified like below.
#!/usr/bin/expect -f
spawn sudo -s <<EOF
expect "assword for username:"
send -- "user-password\r"
expect eof
The last line is needed since we need to press the Enter after inputting the password. As Tian suggested, it is not a good idea to send the root password in the shell script.
Solution 2
Embedding the root password in the script isn't a good idea, from a security point of view, this is probably why su attempts to get it initially from a terminal.
Using sudo
is a better route to take, it's more flexible, you can configure it to allow only particular commands, or even certain users to run a program/script with or without using a password (man sudo
).
@Ketan's reference is also worth reading.
Solution 3
I GOT ANSWER FROM here
Doing this kind of stuff is not safe or standard practice (in fact many consider it disasterous), it is really not a good idea to put a password in a script. A more standard approach would be simply to expect the whole script to be executed with root privileges, or just to have the script prompt for a password. You can also allow various commands to be run via sudo without a password by particular users by using the NOPASSWD
option in /etc/suoders
.
However, now that you are aware of the risks, it is possible to use sudo -kS
to have sudo read the password from stdin
:
sudo -kSs << EOF
password
whoami
echo "Not a good idea to have a password encoded in plain text"
EOF
Related videos on Youtube
MLSC
Updated on September 18, 2022Comments
-
MLSC over 1 year
This is my simple bash:
cat test.sh #!/bin/bash echo "hello" su - root -c /path/to/script.sh <<EOF password EOF whoami echo "good bye"
But I get this error:
./test.sh hello su: must be run from a terminal <current-user> good bye
(OR)
cat test2.sh #!/bin/bash echo "hello" sudo su <<EOF password EOF whoami echo "good bye"
Again another error
(OR)
cat test3.sh #!/bin/bash echo "hello" su root <<EOF password EOF whoami echo "good bye"
again error...
when I try:
#!/bin/bash echo "hello" sudo -s <<EOF <password> echo Now I am root id echo "yes!" EOF whoami echo "good bye"
Then the output is:
./script.sh hello [sudo] password for <user>:
I also changed my script to:
#!/usr/bin/expect -f spawn sudo -s <<EOF expect "assword for user:" send -- "password\r" expect eof
and output is:
spawn sudo -s <<EOF [sudo] password for user: /bin/bash: <<EOF: command not found
Also
which sh
output is/bin/sh
How can I resolve the error in these three scripts?
-
Ketan Maheshwari about 10 yearsSee this: stackoverflow.com/questions/20616022/…
-
X Tian about 10 yearswhen it asks you for a password, then give it your own password (not root password). If you run it again, it can cache the password and not ask again (depends on config). and remove
<password>
line -
MLSC about 10 yearsno...I don't want use caching...you are right..but for first time I want enter password and do stuff
-
-
Ramesh about 10 yearsIs the option that I specified working?
-
MLSC about 10 yearsNo really, the error is:
sudo: root: command not found
-
Ramesh about 10 yearsTake a look at this link. Apparently, you need the -s flag only. stackoverflow.com/questions/11636840/…
-
MLSC about 10 yearsgood..question: doesn't need to enter password?
-
Ramesh about 10 yearsWhich flavor of Linux distribution you are using? My guess is, if it is debian based, sudo -s should not prompt you to enter the password. Anyways, it is worth trying the script in the link that I provided. If it is asking for password, then you might need to embed the password from command line as I had earlier posted, which is obviously not a good idea.
-
MLSC about 10 yearsubuntu..and please see UPDATE2
-
Ramesh about 10 years
-
MLSC about 10 yearsOk see update2..I am in chat :)
-
MLSC about 10 yearssorry, how can I put message in chatroot? this is not enable for me!!!!!!I just see your comments
-
MLSC about 10 yearsoutput of
which sh
>>> /bin/sh -
Graeme about 10 yearsHmm, this answer looks familiar...
-
MLSC about 10 yearsyes..I remove it.. and put it here and in superuser..ok?
-
MLSC about 10 yearsreally I put it here for helping others...I didn't want to bother you...please put the anser I'll remove it
-
Graeme about 10 yearsNo prob, maybe a link to the original would be good though. SE won't allow duplicate answers on the same question anyway, even if one is deleted.
-
Graeme about 10 yearsIf you are going to use the
-S
option withsudo
, is a good idea to use-k
too. This makes sure the password is not left onstdin
, eg if the user has already recently entered in the parent shell. -
Ramesh about 10 yearsyeah, but if we use
expect
do we need-k
set? -
Graeme about 10 yearsDon't think so, AFAIK expect won't send anything if there is no password prompt
-
Ramesh about 10 yearsyeah, after expect I am using
send
to input the password in my script. -
Graeme about 10 yearsDaresay this is a good answer, might as well upvote it :)
-
MLSC about 10 yearspretty good..I am thankful really...you can do it in superuser if you want :D
-
Graeme about 10 yearsNo, you go ahead. I don't really go on there anyway. I updated the original answer though.