Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Storing sudo password as variable in script - is it safe?

Tags:

bash

sudo

Is storing my password this way safe?

echo 'Write sudo password (will not be displayed) and hit enter'
read -s password

I need it to make commands like this:

echo $password | sudo -S apt-get install -y foo bar
like image 820
Sławosz Avatar asked Sep 08 '10 11:09

Sławosz

People also ask

Can you use sudo in script?

In Linux, the sudo command allows us to execute a command or script as the superuser. However, by default, the sudo command works in an interactive mode.

Does sudo always ask for password?

If your timestamp_timeout is zero, sudo always prompts for a password. This feature can be enabled only by the superuser, however. Ordinary users can achieve the same behavior with sudo -k, which forces sudo to prompt for a password on your next sudo command.

2 Answers

No because you can see it via /proc/$PID/cmdline.

I suggest not to try to reinvent security tools. The sudo program can cache your password.

like image 170
Dirk Eddelbuettel Avatar answered Oct 26 '22 16:10

Dirk Eddelbuettel

A better approach would be to edit your sudoers file and add your program that don't require password...

Do a sudo visudo and add following to enable your admin group to run apt-get w/o password: %admin ALL = NOPASSWD: /usr/bin/apt-get

See sudoers man page for more detail.

like image 41
fseto Avatar answered Oct 26 '22 16:10

fseto
Sign in to Comment

Related questions

Grep and regex - why am I escaping curly braces?
Shorthand syntax for message-attributes in the send-message command in aws-cli for sqs
Compute the total memory used by Docker containers in Bash
The number of processes a user is running using bash
Append to the top of a large file: bash
Bash regex matching not working [duplicate]
Interpolating variables which contain '$' in a bash script
bash fork error (Resource temporarily unavailable) does not stop, and keeps showing up every time I try to kill/reboot
Script Kerberos Ktutil to make keytabs
Any interesting uses of Makefiles to share?
Why do processes spawned by cron end up defunct?
Why do I have to press Ctrl+D twice to close stdin?
How do I write an alias for grep -R?
How to create a dynamic variable and assign value to it?
Error when using a bash here-doc "unexpected end of file" [duplicate]
How to check if filepath is mounted in OS X using bash?
Sending JSON as extra data in an android broadcast via ADB gets incorrectly formatted
How to delete a whole word on the right in Linux Bash Shell command line [duplicate]
build argument lists containing whitespace
Bash Script using Grep to search for a pattern in a file

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!