Data Structure
Networking
RDBMS
Operating System
Java
MS Excel
iOS
HTML
CSS
Android
Python
C Programming
C++
C#
MongoDB
MySQL
Javascript
PHP
Physics
Chemistry
Biology
Mathematics
English
Economics
Psychology
Social Studies
Fashion Studies
Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
Use sudo Command in Non-Interactive Mode
Abstract
In Linux, the sudo (Super User DO) command is frequently used as a prefix to a command that only superusers are permitted to execute. Any command that has the "sudo" prefix will run with elevated privileges, or in other words, allow a user with the necessary permissions to execute a command in the role of another user, such as the superuser. This is comparable to Windows' "run as administrator" option. We can have several administrators thanks to sudo.
Note − Linux commands are case-sensitive.
Default sudo behavior
To use the sudo command on the majority of contemporary Linux distributions, a user must be a member of the wheel, sudo, or sudoers groups. A single-user system gives its user sudo capabilities by default. Several user accounts on a system or server may prevent some users from having sudo access.
Let's first go over the sudo command's default behavior −
$ sudo cp /root/temp1 lecture_class [sudo] password for tutorials: $ ls -l lecture_class -rw------- 1 root root 12863 Jan 15 13:48 lecture_class
In the above example, we ran the sudo command as tutorials, a regular user. The lecture_class file for root should be copied to the current directory.
Passing parameter as password
If we need to include the sudo command in a script, for instance, or if we want to run it in a non-interactive mode.
Let's now look at how to send the password to sudo as a parameter.
Using -S option
Using the superuser/root role, sudo -s launches the shell that is given in your $SHELL environment variable. With -u, another user can be specified.
The path to the user's default login shell is stored in the $SHELL environment variable. Often, etc/passwd contains the real default shell programme setting. The shell application you're presently using might not be in the $SHELL variable depending on what you've done in your current session. For example, if you use zsh to log in automatically and then run bash, $SHELL will remain at /bin/zsh.
Let's examine this choice by executing the same command −
tutorials$ echo "My Pass" | sudo -S cp /root/temp1 lecture_class [sudo] password for tutorials: tutorials$ ls -l lecture_class -rw------- 1 root root 12863 Jan 15 13:48 lecture_class
As we can see, the password was piped to stdin. Although the prompt was still there, the sudo command executed the cp command without waiting for our input this time.
Suppress Prompt
The sudo command reads the password from standard input when the -S parameter is used. Man sudo explains: -S, —stdin
Instead than using the terminal device, write the prompt to the standard error and read the password from the standard input. There must be a newline character after the password.
It's important to note that when using the -S option, sudo will write the prompt to standard out (standard out) rather than standard error (stderr) (stdout).
With the aid of redirection, we can rapidly disable the password prompt −
tutorials$ echo "My password" | sudo -S cp /root/temp1 lecture_class 2>/null tutorials$ ls -l lecture_class -rw------- 1 root root 12863 Jan 15 13:48 lecture_class
We would use 2 to reroute standard error from the cat command.
Superuser Without Asking for a Password
For Linux or Unix-like systems, sudo ("superuser do") is just a tool for running commands and programmes as a different user. as root user or another user, often. With sudo, you can assign routine tasks to non-privileged users, such as rebooting the server, starting Apache, or creating a backup. By default, sudo requires password authentication from the user before to executing a command. When you need to run a command as root, but do not want to enter a password, you can use the sudo command. For scripting or any other use, this is helpful. By making the appropriate entries in the /etc/sudoers file, this can be accomplished.
$ su - # or use the sudo command $ sudo -i
By entering the following command, you can make a backup of your /etc/sudoers file, and edit the file as done below,
$ cp /etc/sudoers /root/sudoers.bak # visudo
Add the following line to the /etc/sudoers file so that the user "tutorials" can execute the commands "/bin/kill" and "systemctl" without entering a password so that it does not request passwords when all users are running an application as root −
# tutorials ALL = NOPASSWD: /bin/systemctl restart httpd.service, /bin/kill
Save and exit the file, hence test it by running the below command,
# sudo /bin/kill {pid}
Conclusion
When we use the sudo command to launch a programme, it will by default request the password for the currently logged-in user. But, occasionally we would want to use sudo to run some operations in a non-interactive mode. First, we've demonstrated how to use the -S option of the sudo command to pass the password as a parameter. While using sudo on Linux or other Unix-like systems, you learnt how to run a command without a password. Operations that don't require a password pose a serious security risk.
174 Views
