sudo - howto confirm execution but not requesting password
Clash Royale CLAN TAG#URR8PPP
up vote
3
down vote
favorite
I am searching for a way to configure sudo to not ask for a password (e.G. adding the NOPASSWD to the /etc/sudoers configuration but echoing the command to be executed for confirmation by asking something
Shall command cat /etc/passwd be executed? (y/N)
sudo
asked Mar 7 at 2:33
Matthias Goldhoorn
182
add a comment |Â
up vote
3
down vote
favorite
I am searching for a way to configure sudo to not ask for a password (e.G. adding the NOPASSWD to the /etc/sudoers configuration but echoing the command to be executed for confirmation by asking something
Shall command cat /etc/passwd be executed? (y/N)
sudo
asked Mar 7 at 2:33
Matthias Goldhoorn
182
1
Who does this command get echoed to? Who is to approve it? How does this link to sudo?
– Chris Down
Mar 7 at 2:40
add a comment |Â
up vote
3
down vote
favorite
up vote
3
down vote
favorite
I am searching for a way to configure sudo to not ask for a password (e.G. adding the NOPASSWD to the /etc/sudoers configuration but echoing the command to be executed for confirmation by asking something
Shall command cat /etc/passwd be executed? (y/N)
sudo
asked Mar 7 at 2:33
Matthias Goldhoorn
182
I am searching for a way to configure sudo to not ask for a password (e.G. adding the NOPASSWD to the /etc/sudoers configuration but echoing the command to be executed for confirmation by asking something
Shall command cat /etc/passwd be executed? (y/N)
sudo
asked Mar 7 at 2:33
Matthias Goldhoorn
182
asked Mar 7 at 2:33
Matthias Goldhoorn
182
asked Mar 7 at 2:33
Matthias Goldhoorn
182
asked Mar 7 at 2:33
Matthias Goldhoorn
182
182
1
Who does this command get echoed to? Who is to approve it? How does this link to sudo?
– Chris Down
Mar 7 at 2:40
add a comment |Â
1
Who does this command get echoed to? Who is to approve it? How does this link to sudo?
– Chris Down
Mar 7 at 2:40
1
1
Who does this command get echoed to? Who is to approve it? How does this link to sudo?
– Chris Down
Mar 7 at 2:40
Who does this command get echoed to? Who is to approve it? How does this link to sudo?
– Chris Down
Mar 7 at 2:40
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
1
down vote
accepted
I think the below function may be able to solve your prompt problem:
sudo ()
local command=$@
read -rp "Shall command $command be executed? (y/N): "
local YORN_RESP="$(grep -i "[YN]" <<<"$REPLY:0:1"
As long as this function is loaded it will take precedence over the sudo command, however it will not prevent people from executing /bin/sudo directly.
For the no password sudo it sounds like you have already found the solution but you need to uncomment the following line in your /etc/sudoers file:
%wheel ALL=(ALL) NOPASSWD: ALL
answered Mar 7 at 2:52
Jesse_b
10.4k22658
I don't think you want$@there in theread.
– Michael Homer
Mar 7 at 3:17
Have you tried actually running your code?
– Michael Homer
Mar 7 at 3:29
3
You should usecommand sudoinstead of/bin/sudo, sincesudomay not always be located in/bin. And you can remove a bunch oflocaldeclarations if you run it in a subshell (sudo () ( ... )instead ofsudo () ...).
– muru
Mar 7 at 6:15
2
Also, dropRESPand use the defaultREPLYvariable thatreadputs its data into.
– Kusalananda
Mar 7 at 7:34
1
From a UI perspective, I’d expect to be able to hit Enter at that prompt and have it assume Y; you seem to be requiring an entry. I’d suggest accepting an empty result as Y or lowercasing the Y in the prompt.
– Jeff Schaller
Mar 7 at 11:37
 |Â
show 4 more comments
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
accepted
I think the below function may be able to solve your prompt problem:
sudo ()
local command=$@
read -rp "Shall command $command be executed? (y/N): "
local YORN_RESP="$(grep -i "[YN]" <<<"$REPLY:0:1"
As long as this function is loaded it will take precedence over the sudo command, however it will not prevent people from executing /bin/sudo directly.
For the no password sudo it sounds like you have already found the solution but you need to uncomment the following line in your /etc/sudoers file:
%wheel ALL=(ALL) NOPASSWD: ALL
answered Mar 7 at 2:52
Jesse_b
10.4k22658
I don't think you want$@there in theread.
– Michael Homer
Mar 7 at 3:17
Have you tried actually running your code?
– Michael Homer
Mar 7 at 3:29
3
You should usecommand sudoinstead of/bin/sudo, sincesudomay not always be located in/bin. And you can remove a bunch oflocaldeclarations if you run it in a subshell (sudo () ( ... )instead ofsudo () ...).
– muru
Mar 7 at 6:15
2
Also, dropRESPand use the defaultREPLYvariable thatreadputs its data into.
– Kusalananda
Mar 7 at 7:34
1
From a UI perspective, I’d expect to be able to hit Enter at that prompt and have it assume Y; you seem to be requiring an entry. I’d suggest accepting an empty result as Y or lowercasing the Y in the prompt.
– Jeff Schaller
Mar 7 at 11:37
 |Â
show 4 more comments
up vote
1
down vote
accepted
I think the below function may be able to solve your prompt problem:
sudo ()
local command=$@
read -rp "Shall command $command be executed? (y/N): "
local YORN_RESP="$(grep -i "[YN]" <<<"$REPLY:0:1"
As long as this function is loaded it will take precedence over the sudo command, however it will not prevent people from executing /bin/sudo directly.
For the no password sudo it sounds like you have already found the solution but you need to uncomment the following line in your /etc/sudoers file:
%wheel ALL=(ALL) NOPASSWD: ALL
answered Mar 7 at 2:52
Jesse_b
10.4k22658
I don't think you want$@there in theread.
– Michael Homer
Mar 7 at 3:17
Have you tried actually running your code?
– Michael Homer
Mar 7 at 3:29
3
You should usecommand sudoinstead of/bin/sudo, sincesudomay not always be located in/bin. And you can remove a bunch oflocaldeclarations if you run it in a subshell (sudo () ( ... )instead ofsudo () ...).
– muru
Mar 7 at 6:15
2
Also, dropRESPand use the defaultREPLYvariable thatreadputs its data into.
– Kusalananda
Mar 7 at 7:34
1
From a UI perspective, I’d expect to be able to hit Enter at that prompt and have it assume Y; you seem to be requiring an entry. I’d suggest accepting an empty result as Y or lowercasing the Y in the prompt.
– Jeff Schaller
Mar 7 at 11:37
 |Â
show 4 more comments
up vote
1
down vote
accepted
up vote
1
down vote
accepted
I think the below function may be able to solve your prompt problem:
sudo ()
local command=$@
read -rp "Shall command $command be executed? (y/N): "
local YORN_RESP="$(grep -i "[YN]" <<<"$REPLY:0:1"
As long as this function is loaded it will take precedence over the sudo command, however it will not prevent people from executing /bin/sudo directly.
For the no password sudo it sounds like you have already found the solution but you need to uncomment the following line in your /etc/sudoers file:
%wheel ALL=(ALL) NOPASSWD: ALL
answered Mar 7 at 2:52
Jesse_b
10.4k22658
I think the below function may be able to solve your prompt problem:
sudo ()
local command=$@
read -rp "Shall command $command be executed? (y/N): "
local YORN_RESP="$(grep -i "[YN]" <<<"$REPLY:0:1"
As long as this function is loaded it will take precedence over the sudo command, however it will not prevent people from executing /bin/sudo directly.
For the no password sudo it sounds like you have already found the solution but you need to uncomment the following line in your /etc/sudoers file:
%wheel ALL=(ALL) NOPASSWD: ALL
answered Mar 7 at 2:52
Jesse_b
10.4k22658
edited Mar 7 at 17:10
answered Mar 7 at 2:52
Jesse_b
10.4k22658
answered Mar 7 at 2:52
Jesse_b
10.4k22658
answered Mar 7 at 2:52
Jesse_b
10.4k22658
10.4k22658
I don't think you want$@there in theread.
– Michael Homer
Mar 7 at 3:17
Have you tried actually running your code?
– Michael Homer
Mar 7 at 3:29
3
You should usecommand sudoinstead of/bin/sudo, sincesudomay not always be located in/bin. And you can remove a bunch oflocaldeclarations if you run it in a subshell (sudo () ( ... )instead ofsudo () ...).
– muru
Mar 7 at 6:15
2
Also, dropRESPand use the defaultREPLYvariable thatreadputs its data into.
– Kusalananda
Mar 7 at 7:34
1
From a UI perspective, I’d expect to be able to hit Enter at that prompt and have it assume Y; you seem to be requiring an entry. I’d suggest accepting an empty result as Y or lowercasing the Y in the prompt.
– Jeff Schaller
Mar 7 at 11:37
 |Â
show 4 more comments
I don't think you want$@there in theread.
– Michael Homer
Mar 7 at 3:17
Have you tried actually running your code?
– Michael Homer
Mar 7 at 3:29
3
You should usecommand sudoinstead of/bin/sudo, sincesudomay not always be located in/bin. And you can remove a bunch oflocaldeclarations if you run it in a subshell (sudo () ( ... )instead ofsudo () ...).
– muru
Mar 7 at 6:15
2
Also, dropRESPand use the defaultREPLYvariable thatreadputs its data into.
– Kusalananda
Mar 7 at 7:34
1
From a UI perspective, I’d expect to be able to hit Enter at that prompt and have it assume Y; you seem to be requiring an entry. I’d suggest accepting an empty result as Y or lowercasing the Y in the prompt.
– Jeff Schaller
Mar 7 at 11:37
I don't think you want
$@ there in the read.– Michael Homer
Mar 7 at 3:17
I don't think you want
$@ there in the read.– Michael Homer
Mar 7 at 3:17
Have you tried actually running your code?
– Michael Homer
Mar 7 at 3:29
Have you tried actually running your code?
– Michael Homer
Mar 7 at 3:29
3
3
You should use
command sudo instead of /bin/sudo, since sudo may not always be located in /bin. And you can remove a bunch of local declarations if you run it in a subshell (sudo () ( ... ) instead of sudo () ... ).– muru
Mar 7 at 6:15
You should use
command sudo instead of /bin/sudo, since sudo may not always be located in /bin. And you can remove a bunch of local declarations if you run it in a subshell (sudo () ( ... ) instead of sudo () ... ).– muru
Mar 7 at 6:15
2
2
Also, drop
RESP and use the default REPLY variable that read puts its data into.– Kusalananda
Mar 7 at 7:34
Also, drop
RESP and use the default REPLY variable that read puts its data into.– Kusalananda
Mar 7 at 7:34
1
1
From a UI perspective, I’d expect to be able to hit Enter at that prompt and have it assume Y; you seem to be requiring an entry. I’d suggest accepting an empty result as Y or lowercasing the Y in the prompt.
– Jeff Schaller
Mar 7 at 11:37
From a UI perspective, I’d expect to be able to hit Enter at that prompt and have it assume Y; you seem to be requiring an entry. I’d suggest accepting an empty result as Y or lowercasing the Y in the prompt.
– Jeff Schaller
Mar 7 at 11:37
 |Â
show 4 more comments
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f428658%2fsudo-howto-confirm-execution-but-not-requesting-password%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
1
Who does this command get echoed to? Who is to approve it? How does this link to sudo?
– Chris Down
Mar 7 at 2:40