Is there a way to automatically pass a password to sudo without having to type it in?
Let’s say your password was in the file called password
Pipe it into sudo -S
Example:
echo password | sudo -S rm /path/to/item
How to supply sudo with password from script?
If, as you say, you completely don't care about security...
Run visudo
to edit /etc/sudoers
with validation in place. Add the following line:
ALL ALL=(ALL) NOPASSWD: ALL
This will prevent sudo
from ever asking for a password, for any user, for any command.
How to pass the password to su/sudo/ssh without overriding the TTY?
For sudo there is a -S option for accepting the password from standard input. Here is the man entry:
-S The -S (stdin) option causes sudo to read the password from
the standard input instead of the terminal device.
This will allow you to run a command like:
echo myPassword | sudo -S ls /tmp
As for ssh, I have made many attempts to automate/script it's usage with no success. There doesn't seem to be any build-in way to pass the password into the command without prompting. As others have mentioned, the "expect" utility seems like it is aimed at addressing this dilemma but ultimately, setting up the correct private-key authorization is the correct way to go when attempting to automate this.
vscode always ask for permission to save
Make sure that you (as an Ubuntu user account) are the owner of the folder and files you are editing in VSCode:
cd /path/to/my/files
chown -R $USER:$USER .
Note: If you are not the user, you might have to precede that with sudo
:
sudo chown -R $USER:$USER .
(Note: full stop makes you the owner of the files in the parent directory)
How to make python script to give sudo prompt my password
I suggest you use Python's "pexpect" module which does just that.
It's based an "expect" and used to automate interactions with other programs.
It's not part of the python standard library mind you, but you do not necessarily need root to install it if you create your own python environment.
Example:
#import the pexpect module
import pexpect
# here you issue the command with "sudo"
child = pexpect.spawn('sudo /usr/sbin/lsof')
# it will prompt something like: "[sudo] password for < generic_user >:"
# you "expect" to receive a string containing keyword "password"
child.expect('password')
# if it's found, send the password
child.sendline('S3crEt.P4Ss')
# read the output
print(child.read())
# the end
More details can be found here:
https://pexpect.readthedocs.io/en/stable/api/index.html
Hope this helps!
Specify sudo password for Ansible
You can pass variable on the command line via --extra-vars "name=value"
. Sudo password variable is ansible_sudo_pass
. So your command would look like:
ansible-playbook playbook.yml -i inventory.ini --user=username \
--extra-vars "ansible_sudo_pass=yourPassword"
Update 2017: Ansible 2.2.1.0 now uses var ansible_become_pass
. Either seems to work.
Update 2021: ansible_become_pass is still working, but for now, we should use -e instead of --extra-vars
Editing sudoers file still asks for password
/sys/class/gpio/export (and the others) are pseudo-files, not a program. Sudo works on limiting access to programs, not files.
I'd suggest looking at https://serverfault.com/questions/641483/how-to-grant-user-modify-only-specific-protected-file-by-sudo (or more specifically, there should be a way to use extended permissions to grant access to a user to the 3 sys files you care about in a way that doesn't require root.
Alternatively, and this is probably easier, you could do username ALL=NOPASSWD: /usr/bin/blinkscript
(where /usr/bin/blinkscript is your python program with the #!/usr/bin/python and permissions set so username cannot overwrite the file etc.)
Specific demonstration for clarity:
Given a file blinkscript that consists of:
#!/usr/bin/python
print ("Hello World")
which is put in /usr/bin, owned by root, with permissions 700
(as in doing ls -l /usr/bin/blinkscript
comes back with something like:
-rwx------. 1 root root 40 Apr 8 19:52 /usr/bin/blinkscript
)
and then having a line toward the bottom of your sudoers file of the form:
user1 ALL=NOPASSWD: /usr/bin/blinkscript
If I, as user1 do:blinkscript
I get: "permission denied"
If I, as user1 do:sudo blinkscript
I get: "Hello World" (without being prompted for a password)
(Note that I do not have to explicitly do /usr/bin/blinkscript, but that also works)
If I as user2 (who doesn't have any sudo privs) do:sudo blinkscript
I get prompted for a password and then put on the bad boy list
(Also note that I used permissions of 700 to clearly show the permissions; doing something like 755 would also be fine and the point would be that if your script tried to touch the /sys files, it would work when run with sudo and not without; the point I was trying to make is that if you make the permissions 777 or owned by user1, then user1 could edit the file to run whatever commands they wanted, defeating the purpose of not just doing user1 all=all nopasswd: all
in the first place
)
Related Topics
Error While Building Pjsip in Linux
Cmake: How to Suppress "Entering Directory" Messages
How to Reserve Ip When Provisioning Azure Vm (Resource Manager)
What Happens When I Sudo Bash -C
How to Strip Down My Yocto Linux
Compiling Kernel Error: Stdio.H: No Such File or Directory
How to Use 'Catdoc' to Display Dock File Encoded in Utf-8
Can't Increment a 0-Padded Number Past 8 in Busybox Sh
Format and Filter File to CSV Table
Adding Stackless Threading to Bsd Kernel
Perl Signal Processing Only Works Once When Sighandler Calls Subroutine
Recursively Listing The Contents of a Tar/Zip Archive
How to Determine from Where a Program Jumped to an Invalid Address - Without Single-Stepping