Use sudo Command in Non-Interactive Mode


In Linux, the sudo (Super User DO) command is frequently used as a prefix to a command that only superusers are permitted to execute. Any command that has the "sudo" prefix will run with elevated privileges, or in other words, allow a user with the necessary permissions to execute a command in the role of another user, such as the superuser. This is comparable to Windows' "run as administrator" option. We can have several administrators thanks to sudo.

Note − Linux commands are case-sensitive.

Default sudo behavior

To use the sudo command on the majority of contemporary Linux distributions, a user must be a member of the wheel, sudo, or sudoers groups. A single-user system gives its user sudo capabilities by default. Several user accounts on a system or server may prevent some users from having sudo access.

Let's first go over the sudo command's default behavior −

$ sudo cp /root/temp1 lecture_class
[sudo] password for tutorials: 

$ ls -l lecture_class
-rw------- 1 root root 12863 Jan 15 13:48 lecture_class

In the above example, we ran the sudo command as tutorials, a regular user. The lecture_class file for root should be copied to the current directory.

Passing parameter as password

If we need to include the sudo command in a script, for instance, or if we want to run it in a non-interactive mode.

Let's now look at how to send the password to sudo as a parameter.

Using -S option

Using the superuser/root role, sudo -s launches the shell that is given in your $SHELL environment variable. With -u, another user can be specified.

The path to the user's default login shell is stored in the $SHELL environment variable. Often, etc/passwd contains the real default shell programme setting. The shell application you're presently using might not be in the $SHELL variable depending on what you've done in your current session. For example, if you use zsh to log in automatically and then run bash, $SHELL will remain at /bin/zsh.

Let's examine this choice by executing the same command −

tutorials$ echo "My Pass" | sudo -S cp /root/temp1 lecture_class
[sudo] password for tutorials: 

tutorials$ ls -l lecture_class
-rw------- 1 root root 12863 Jan 15 13:48 lecture_class

As we can see, the password was piped to stdin. Although the prompt was still there, the sudo command executed the cp command without waiting for our input this time.

Suppress Prompt

The sudo command reads the password from standard input when the -S parameter is used. Man sudo explains: -S, —stdin

Instead than using the terminal device, write the prompt to the standard error and read the password from the standard input. There must be a newline character after the password.

It's important to note that when using the -S option, sudo will write the prompt to standard out (standard out) rather than standard error (stderr) (stdout).

With the aid of redirection, we can rapidly disable the password prompt −

tutorials$ echo "My password" | sudo -S cp /root/temp1 lecture_class 2>/null

tutorials$ ls -l lecture_class
-rw------- 1 root root 12863 Jan 15 13:48 lecture_class

We would use 2 to reroute standard error from the cat command.

Superuser Without Asking for a Password

For Linux or Unix-like systems, sudo ("superuser do") is just a tool for running commands and programmes as a different user. as root user or another user, often. With sudo, you can assign routine tasks to non-privileged users, such as rebooting the server, starting Apache, or creating a backup. By default, sudo requires password authentication from the user before to executing a command. When you need to run a command as root, but do not want to enter a password, you can use the sudo command. For scripting or any other use, this is helpful. By making the appropriate entries in the /etc/sudoers file, this can be accomplished.

$ su -
# or use the sudo command 
$ sudo -i

By entering the following command, you can make a backup of your /etc/sudoers file, and edit the file as done below,

$ cp /etc/sudoers /root/sudoers.bak
# visudo

Add the following line to the /etc/sudoers file so that the user "tutorials" can execute the commands "/bin/kill" and "systemctl" without entering a password so that it does not request passwords when all users are running an application as root −

# tutorials ALL = NOPASSWD: /bin/systemctl restart httpd.service, /bin/kill

Save and exit the file, hence test it by running the below command,

# sudo /bin/kill {pid}


When we use the sudo command to launch a programme, it will by default request the password for the currently logged-in user. But, occasionally we would want to use sudo to run some operations in a non-interactive mode. First, we've demonstrated how to use the -S option of the sudo command to pass the password as a parameter. While using sudo on Linux or other Unix-like systems, you learnt how to run a command without a password. Operations that don't require a password pose a serious security risk.

Updated on: 01-Aug-2023


Kickstart Your Career

Get certified by completing the course

Get Started