Why is this bypassing the SUDO password?
I have a bash script I am using to automate a SVN checkout. The contents of the file were:
#!/bin/bash
cd /var/www-cake
sudo svn checkout file:///usr/local/svn/bash_repo/repo/
Then when I double click the file it would ask me what to do, I would click the button "Run In Terminal" and then a terminal would pop up and ask me for the SUDO password. I would enter it, the script would execute and the terminal would close.
I wanted to give some sort of indication that the script ran successfully so I edited my file to look like:
#!/bin/bash
cd /var/www-cake
sudo svn checkout file:///usr/local/svn/bash_repo/repo/
echo "Head revision has been pushed to live server"
I expected the terminal to now stay open and tell me the message afterwards. To my surprise it now opens and immediately closes. The script does execute and I no longer have to put in the SUDO password.
Is this right? I do not understand why this is happening, seems like a security issue.
Solution 1:
sudo remembers your password for some time (15 minutes by default). You can make sudo to forget the password by running sudo -k
Solution 2:
What happens when you run the script directly from the terminal? Typically if the sudo password has been typed once it's remembered for 15 minutes. If you run it graphically the terminal prompt will close after a complete execution. I don't have an SVN repo to play with - however, I did a similar test which will gather input from a user and touch a file by that name.
#!/usr/bin/env bash
echo -n "Hello, enter the file name: "
read NAME
touch $NAME
echo "All done"
When executed from the terminal:
Then double clicked:
The prompt closes when complete but does what is requested.
Solution 3:
To keep the prompt open after executing a script, you can try two things:
- Add the
read
command as the last line. -
To create a launcher that executes a command in terminal and keeps the window open, create a profile for gnome-terminal, say Hold, that does exactly that (look through the profile options) and use the following.
gnome-terminal --window-with-profile="Hold" -e "/path/to/script"