How to Gain Root Permission Without Leaving Vim

Can I gain root permission without leaving vim?

To force a save use the following command

:w !sudo tee %

It will prompt you for your password.

How does the vim write with sudo trick work?

In :w !sudo tee %...

% means "the current file"

As eugene y pointed out, % does indeed mean "the current file name", which is passed to tee so that it knows which file to overwrite.

(In substitution commands, it's slightly different; as :help :% shows, it's equal to 1,$ (the entire file) (thanks to @Orafu for pointing out that this does not evaluate to the filename). For example, :%s/foo/bar means "in the current file, replace occurrences of foo with bar." If you highlight some text before typing :s, you'll see that the highlighted lines take the place of % as your substitution range.)

:w isn't updating your file

One confusing part of this trick is that you might think :w is modifying your file, but it isn't. If you opened and modified file1.txt, then ran :w file2.txt, it would be a "save as"; file1.txt wouldn't be modified, but the current buffer contents would be sent to file2.txt.

Instead of file2.txt, you can substitute a shell command to receive the buffer contents. For instance, :w !cat will just display the contents.

If Vim wasn't run with sudo access, its :w can't modify a protected file, but if it passes the buffer contents to the shell, a command in the shell can be run with sudo. In this case, we use tee.

Understanding tee

As for tee, picture the tee command as a T-shaped pipe in a normal bash piping situation: it directs output to specified file(s) and also sends it to standard output, which can be captured by the next piped command.

For example, in ps -ax | tee processes.txt | grep 'foo', the list of processes will be written to a text file and passed along to grep.

     +-----------+    tee     +------------+
     |           |  --------  |            |
     | ps -ax    |  --------  | grep 'foo' |
     |           |     ||     |            |
     +-----------+     ||     +------------+
                       ||   
               +---------------+
               |               |
               | processes.txt |
               |               |
               +---------------+

(Diagram created with Asciiflow.)

See the tee man page for more info.

Tee as a hack

In the situation your question describes, using tee is a hack because we're ignoring half of what it does. sudo tee writes to our file and also sends the buffer contents to standard output, but we ignore standard output. We don't need to pass anything to another piped command in this case; we're just using tee as an alternate way of writing a file and so that we can call it with sudo.

Making this trick easy

You can add this to your .vimrc to make this trick easy-to-use: just type :w!!.

" Allow saving of files as sudo when I forgot to start vim using sudo.
cmap w!! w !sudo tee > /dev/null %

The > /dev/null part explicitly throws away the standard output, since, as I said, we don't need to pass anything to another piped command.

Install vim without root privilege

As guessed by Kaz in the comment above, ncurses does have the --without-ada option in its ./configure to disable the Ada build. This allowed me to install ncurses and consequently vim !

How do you get sudo access for a file inside the vi text editor?

% is replaced with the current file name, thus you can use:

:w !sudo tee %

(vim will detect that the file has been changed and ask whether you want to it to be reloaded. Say yes by choosing [L] rather than OK.)

As a shortcut, you can define your own command. Put the following in your .vimrc:

command W w !sudo tee % >/dev/null

With the above you can type :W<Enter> to save the file. Since I wrote this, I have found a nicer way (in my opinion) to do this:

cmap w!! w !sudo tee >/dev/null %

This way you can type :w!! and it will be expanded to the full command line, leaving the cursor at the end, so you can replace the % with a file name of your own, if you like.

Able to override the root permission of a readonly file with a non-sudo user

This is not related to docker, but just normal behavior in vim. As the file is under user directory /home/cp, hence cp user will have all permissions. What wq! command does is to delete the the old one and put new content into /home/cp/hello.txt.

You can quickly test it by creating one more file in the folder that cp has no full permission.

vimrc settings for user dont work for root

root is a user too, when you start vim with root, vim load the root's Home/.vimrc usually it is /root/.vimrc

You can cp or ln -s your user's vimrc to /root if this is a personal desktop machine.

I hope I understood your problem.

User-unique .vimrc file for servers as root user

I can think of 3 options. The first one is probably the simplest.

1. call vim like the following vim -u /path/to/custom/.conifg fileToEdit
   
   Man Entry:
   

   -u {vimrc}  Use  the commands in the file {vimrc} for initializations. 
   

   
   

   All the other initial‐
   izations are skipped. Use this to edit a special
   kind of files. It can also be
   used to skip all initializations by giving the name
   "NONE". See ":help initial‐
   ization" within vim for more details.

     -U {gvimrc} Use the commands in the file {gvimrc} for GUI
   

   
   

   initializations. All the other GUI
   initializations are skipped. It can also be used to
   skip all GUI initializations
   by giving the name "NONE". See ":help gui-init"
   within vim for more details.

2. sudo -i as was specified by @knittl https://stackoverflow.com/questions/6471592/user-unique-vimrc-file-for-servers-as-root-user/6471766#6471766

3. lastly, https://stackoverflow.com/questions/1031396/how-to-share-one-vimrc-file-among-multiple-clients/1031624#1031624 which suggests keeping a set of personal config files in git or another version control system. Therefore each user could checkout what they need upon log in. Also, you can keep a history of your changes. version control is never a bad idea.

---

Related Topics