How to send sudo password in a shell script
Solution 1
If you have sudo
available, the solution has already been posted in a number of places:
echo <password> | sudo -S -u <user> <command>
From man sudo
:
-S, --stdin Write the prompt to the standard error and read the password from the standard input instead of using the terminal device. The password must be followed by a newline character.
Solution 2
Approach 1 - Read from file
You can save the password in a read-only file for the user and pass the contents to the sudo command.
This will avoid password being stored in shell history
# Save the password in the hidden file
echo "password" > ~/.password
# Update the permissions to allow only the user to read it
chmod 400 ~/.password
# Pass the password over STDIN to sudo
☠ cortex ☠ [~] cat ~/scripts/login_file.sh
cat ~/.password | sudo -S su
# Execute the script
☠ cortex ☠ [~] bash ~/scripts/login_file.sh
[sudo] password for cortex:
☠ cortex ☠ [~]
Approach 2 - Save to temporary environment variable
With this approach, you need to enter on the shell or in the script.
☠ cortex ☠ [~] cat ~/scripts/login.sh
my_password='password' # SET PASSWORD
echo "$my_password" | sudo -S su # INVOKE sudo WITH PASSWORD
Combine with the script
Use any of the approaches mentioned above and authenticate sudo
Then invoke the commands with root access.
☠ cortex ☠ [~] cat ~/scripts/login.sh
# SET PASSWORD
my_password='password'
# INVOKE sudo WITH PASSWORD
echo "$my_password" | sudo -S su;
# INVOKE COMMANDS WITH ROOT ACCESS
sudo -i <<'EOF'
echo "Now i am $(whoami)"
echo "$(id)"
EOF
☠ cortex ☠ [~] bash ~/scripts/login.sh
[sudo] password for cortex: Now i am root
uid=0(root) gid=0(root) groups=0(root)
Cut the clutter with ALIAS
Make the sudo to internally get the password and authenticate itself. You need not require to input the password over STDIN every time
# Create the alias with the Approach 1
☠ cortex ☠ [~] echo "alias sudo=\"cat ~/.password | sudo -S\"" >> ~/.bashrc
# OR Create the alias with the Approach 2
☠ cortex ☠ [~] echo "alias sudo=\"echo \"password\" | sudo -S\"" >> ~/.bashrc
# Re-load the environment
☠ cortex ☠ [~] . ~/.bashrc
# Use sudo directly - No need to pass on password everytime
☠ cortex ☠ [~] sudo whoami
root
Related videos on Youtube
ercey
Updated on September 18, 2022Comments
-
ercey over 1 year
My shell script (don't have EXPECT, and is not possible) runs a shell script impersonating another user. Let's say the following script is named
toto1.sh
and is run with a user calledMYUSERNAME1
.#!/bin/sh su - MYUSERNAME2 ./app/sh/toto2.sh
My script stops, prompting a password request...
How can I send the password for
MYUSERNAME2
?-
simlev over 5 yearsConsider setting up passwordless sudo for this particular case.
-
ercey over 5 yearsI can not, security question. I'm really stuck with the command su
-
simlev over 5 yearsCan't you run or schedule the script as
root
? -
ercey over 5 yearsI do not have the right, the script is invoked by an external application that does not have to have full rights ...
-
ercey over 5 yearsTo put it simply, I can only use the command su
-
simlev over 5 yearsAs a general rule, it is better to avoid writing password down inside scripts.
-
ercey over 5 yearsi know it, but this is my last solution ... how can I do it?
-
simlev over 5 yearsWait a moment...you don't have
sudo
? -
ercey over 5 yearsmy administrator to add the user to sudoers
-
simlev over 5 yearsYour answer is not clear to me: do you have
sudo
? -
ercey over 5 yearsyes, i have sudo
-
-
SurpriseDog almost 4 years"The password must be followed by a newline character." - Useful info for scripts!