0

I have a bash script that partially needs to be running with default user rights, but there are some parts that involve using sudo (like copying stuff into system folders). I could just run the script with sudo ./script.sh, but that messes up all file access rights if it involves creating or modifying files in the script.

So, how can I run the script using sudo for some commands? Is it possible to ask for the sudo password at the beginning (when the script just starts) but still run some lines of the script as the current user?

1
  • 2
    The very first sudo in the script will prompt for the password. The succeeding sudo commands will not prompt for password as long as the sudo timestamp is still active. At the end of the script you have to remove the timestamp using sudo -k. Commented Dec 24, 2013 at 0:44

2 Answers

4

You could add this to the top of your script:

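# Retry until sudo accepts the password: -S reads it from stdin, -v only refreshes the cached credentials.
while ! printf '%s\n' "$PW" | sudo -S -v > /dev/null 2>&1; do
    # -r keeps backslashes in the password intact; -s hides the typed input.
    read -r -s -p "password: " PW
    echo
done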

That ensures the sudo credentials are cached for 5 minutes. Then you could run the commands that need sudo, and just those, with sudo in front.

Edit: Incorporating mklement0's suggestion from the comments, you can shorten this to:

sudo -v || exit

The original version, which I adapted from a Python snippet I have, might be useful if you want more control over the prompt or the retry logic/limit, but this shorter one is probably what works well for most cases.


4 Comments

Good to know about -v, but couldn't your loop be replaced with just sudo -v?
I think Ctrl-C to leave the retry loop wouldn't work properly in that case.
You can use sudo -v || exit, which will exit the script with a non-zero exit code if Ctrl+C is pressed or after too many unsuccessful attempts. What is it that you think won't work properly?
That sounds like a good solution, I think that would work well. I added it to the answer text.
1

Each line of your script is a command line. So, for the lines you want, you can simply put sudo in front of those lines of your script. For example:

#!/bin/sh

ls *.h
sudo cp *.h /usr/include/
echo "done" >>log

Obviously I'm just making stuff up. But, this shows that you can use sudo selectively as part of your script.

Just like using sudo interactively, you will be prompted for your user password if you haven't done so recently.

2 Comments

but it won't prompt for password for each line that requires su, would it?
@Agzam: It won't prompt again as long as subsequent sudo commands are issued within a specific time window, which is 5 minutes by default - see man sudo; also note @user3088572's tip for expiring the cached authentication at the end of the script using sudo -k.
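
The pieces from this thread combined into one script (sudo -v up front, sudo only on the privileged line, sudo -k on exit), as an added example that is not part of either answer. The function names, the example.conf file and the /usr/local/etc destination are illustrative assumptions.

```bash
#!/bin/sh
# Added example: names and paths below are illustrative assumptions.

# Authenticate once, before any work is done. sudo -v only validates and
# caches the credentials; it runs no command.
prime_sudo() {
    sudo -v || return 1
    # Invalidate the cached credentials when the script exits.
    trap 'sudo -k' EXIT
}

# Runs as the invoking user, so the file it creates stays owned by that user.
build_as_user() {
    printf 'generated by uid %s\n' "$(id -u)" > "$1"
}

# The only elevated step: copy one file into a system directory.
install_as_root() {
    sudo install -m 0644 -- "$1" "$2"
}

main() {
    # Refuse "sudo ./script.sh": that would run every line as root.
    if [ "$(id -u)" -eq 0 ]; then
        echo "run this script as a normal user, not with sudo" >&2
        return 1
    fi
    prime_sudo || return 1
    work=$(mktemp -d) || return 1
    build_as_user "$work/example.conf" &&
        install_as_root "$work/example.conf" /usr/local/etc/example.conf
    status=$?
    rm -rf -- "$work"
    return "$status"
}

# Execute only on request, so the functions can also be sourced and tested.
if [ "${1:-}" = "--run" ]; then
    main
fi
```

Invoke it as ./script.sh --run from a normal user account; the password prompt appears once, before any file is touched.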
