How to Prompt User for Sudo Password

How to prompt user for sudo password?

You could do something like this, though it is a little bit hacky:

#!/bin/bash
function press_enter
{
    echo ""
    echo -n "Press Enter to continue"
    read
    clear
}
selection=
where_selection=
what_selection=
sudo=""
until [ "$selection" = "3" ]; do
    echo -e "Where would you like to search 
    1- Root
    2- Home
    3- Exit

    Enter your choice ---> \c"
    read selection
    case $selection in
        1) cd / ; sudo="sudo"; press_enter ;;
        2) cd /home ; sudo=""; press_enter ;;
        3) echo "Have a great day!" ; exit ;;
    esac
    echo "What is the name of the file you would like to search for?"
    read -r a
    if $sudo find . -name "$a" -print -quit | grep -q .
    then
        echo "You found the file"
    else
        echo "You haven't found the file"
    fi
done

Basically $sudo is an empty string unless the user selects 1, then it will run "sudo". A better way to do this would be to have a second if block that runs the command with sudo if needed.

How to make python script to give sudo prompt my password

I suggest you use Python's "pexpect" module which does just that.
It's based an "expect" and used to automate interactions with other programs.
It's not part of the python standard library mind you, but you do not necessarily need root to install it if you create your own python environment.

Example:

#import the pexpect module
import pexpect
# here you issue the command with "sudo"
child = pexpect.spawn('sudo /usr/sbin/lsof')
# it will prompt something like: "[sudo] password for < generic_user >:"
# you "expect" to receive a string containing keyword "password"
child.expect('password')
# if it's found, send the password
child.sendline('S3crEt.P4Ss')
# read the output
print(child.read())
# the end

More details can be found here:

https://pexpect.readthedocs.io/en/stable/api/index.html

Hope this helps!

Enter sudo password while in expect script

The answer from Donal Fellows is the right way to go, but for completeness here is the interact solution you were trying for. The command to use is

expect {
    "Input 1" { send -- "$env(input1)\r"; exp_continue }
    "Input 2" { send -- "$env(input2)\r"; exp_continue }
    "password for" { stty -echo
                    interact -u tty_spawn_id -o "\r" return
                    stty echo
                    exp_continue }
    eof
}

The problem you have is that you are running expect with the script on stdin, so interact has trouble unless you use -u tty_spawn_id to get it to work with /dev/tty and the user. You need to set the echo on/off on this tty explicitly, as sudo will only have done it on the pty between the spawned command and expect.

How do you prompt for a sudo password using Ruby?

In my opinion, running a script that does stuff internally with sudo is wrong. A better approach is to have the user run the whole script with sudo, and have the script fork lesser-privileged children to do stuff:

# Drops privileges to that of the specified user
def drop_priv user
  Process.initgroups(user.username, user.gid)
  Process::Sys.setegid(user.gid)
  Process::Sys.setgid(user.gid)
  Process::Sys.setuid(user.uid)
end

# Execute the provided block in a child process as the specified user
# The parent blocks until the child finishes.
def do_as_user user
  unless pid = fork
    drop_priv(user)
    yield if block_given?
    exit! 0 # prevent remainder of script from running in the child process
  end
  puts "Child running as PID #{pid} with reduced privs"
  Process.wait(pid)
end

at_exit { puts 'Script finished.' }

User = Struct.new(:username, :uid, :gid)
user = User.new('nobody', 65534, 65534)

do_as_user(user) do
  sleep 1 # do something more useful here
  exit! 2 # optionally provide an exit code
end

puts "Child exited with status #{$?.exitstatus}"
puts 'Running stuff as root'
sleep 1

do_as_user(user) do
  puts 'Doing stuff as a user'
  sleep 1
end

This example script has two helper methods. #drop_priv takes an object with username, uid, and gid defined and properly reduces the permissions of the executing process. The #do_as_user method calls #drop_priv in a child process before yielding to the provided block. Note the use of #exit! to prevent the child from running any part of the script outside of the block while avoiding the at_exit hook.

Often overlooked security concerns to think about:

  • Inheritance of open file descriptors
  • Environment variable filtering
  • Run children in a chroot?

Depending on what the script is doing, any of these may need to be addressed. #drop_priv is an ideal place to handle all of them.


Related Topics

Creating Makefile

(Linux) How to Run a Program of Gtk Without Display Environment? Gtk-Warning **: Cannot Open Display:

How to Prompt User for Sudo Password

Unix Shell Script to Run a List of Grep Commands from a File and Getting Result in a Single Delimited File

Get Process Executed by Mono on Gnu/Linux

Retrieve Ipv4 and Ipv6 Nameservers Programmatically

Differencebetween These Two Commands Which Are Used to Run Shell Script

Bash-Script Error 0=1: Command Not Found

Linux - Dependency Libmysqlclient.So.15 Not Found

Find and Replace a Word with Another in All File Names of a Directory

Command Substitution in Bash VS Function Calling

Why Do I Need to Use [ ] (Square Brackets) When Moving Data from Register to Memory, But Not When Other Way Around

Reading Gnu-Screen Logs with Vim

How to Run a SQL Script in Tsql

How to Detect a Blank Column in a Page Using Imagemagick to Distinguish Two Column Papers

Diff (Gnu Diffutils) 3.6 Exclude Directory

Reading Input from Keyboard with X64 Linux Syscalls (Assembly)

Unusual Behaviour of Linux's Sort Command


Leave a reply



Submit