sudo with password in one command line?
On busy days, I'd like to run
$ ./configure && make && sudo make install && halt
on the night and go to bed, hoping the application would automatically be installed. But what I see the next day is the screen where sudo asks me for the password. So how could I run sudo with password in one command line, or is there any other method to do this?
Solution 1:
Yes, use the -S
switch which reads the password from STDIN:
$echo <password> | sudo -S <command>
So for your case it would look like this:
$./configure && make && echo <password> | sudo -S make install && halt
of course, replace <password>
with your password.
Solution 2:
Set HISTIGNORE to "sudo -S"
$ export HISTIGNORE='*sudo -S*'
Then pass your password safely to sudo:
$ echo "your_password" | sudo -S -k <command>
"HISTIGNORE" means to not save this command into the history. That is the history in memory or "~/.bash_history" file.
For example, the below will safely pipe your password to the sudo command, without retaining a history of your password.
“-S”, means to use stdin for the password,
“-k” means to ignore cached credentials to force sudo to always ask. This is for consistent behavior.
$ export HISTIGNORE='*sudo -S*'
$ echo "<your_password>" | sudo -S -k whoami
$ echo "<your_password>" | sudo -S -k cat /etc/shadow
$ echo "<your_password>" | sudo -S -k bash /tmp/myscript.sh
The downside to the above method is that if you want to see the commands you ran in the history later on they won't be there. Another method is to update the sudo authentication credential cache (default is enabled with 5 minutes timeout), then run the sudo separately. But the downside of this is that you'll need to be aware of the 5 minute cache.
For example:
$ export HISTIGNORE='*sudo -S*'
$ echo "<your_password>" | sudo -S -v
$ sudo whoami
$ echo "<your_password>" | sudo -S -v
$ sudo cat /etc/shadow
$ echo "<your_password>" | sudo -S -v
$ sudo /tmp/myscript.sh
Note I ran a sudo before each command to ensure that the sudo cache is updated, as the default is 5 mintues. Yes, whoami shouldn't take 5 minutes, but I figure might as well have it run before each command for consistency. You could also put "export HISTIGNORE='sudo -S'" in your ~/.bashrc file, then load it with ". ~/.bashrc" or logoff then login. However, I'm thinking using this for scripting purposes, so I'll keep it at the top of all my scripts for best security practices. Setting "echo "" | sudo -S -v" to a variable instead might also be a good idea, then just run the variable before each command that needs root privileges, see Janar's comment. "John T"'s comment should also include the "-k" parameter, as if you run "sudo -S" without "-k" and sudo authentication cache already has your credentials (and is still valid, default sudo authentication cache is 5 minutes) then bash will run your password as a command instead, which is bad.
Solution 3:
You can do this too:
sudo -S <<< "password" command
Solution 4:
You could also configure sudo with visudo
to allow you user to use make as sudo without password.
User_Alias USERS = your_user
Cmnd_Alias CMDS = /usr/bin/make
USERS ALL = (ALL) NOPASSWD: CMDS
Solution 5:
Several of the other solutions have the disadvantage that they unnecessarily run ./configure
and make
as root.
This is a bit convoluted, but it should work:
sudo sh -c "su $USER -c ./configure && su $USER -c make && make install && halt"
Note the use of double quotes to allow $USER
to be expanded by the (non-root) shell.
I might also add a sleep 60
before the halt
command. I've sometimes done things like this, expecting the command to run for a long time, but something goes wrong and it terminates immediately; the sleep
lets me kill the command before the system shuts down. Or you can use shutdown
with a time argument.