Bash scripts requiring sudo password

Question

I'm creating a Bash installer script which compiles and installs some libraries for both OSX and Linux. Because some commands in my script ("make install", "apt-get install", "port install", etc) require sudo, I need the user to supply the password.

Currently the user gets asked for the password whenever the first sudo command is about to execute, but because this is often after a compile stage, there is always some time between starting the script and having to enter the password.

I would like to put the password entry + check at the beginning of the script. Also I am curious if this is really an ok way of installing system libraries.

Alternatively I could install the libraries in a local sandbox location which doesn't require sudo, but then I'll have to tell apt-get and macports where to install their libraries other then the default /usr/local/ and /opt/local, and I'm not sure how to do that nor if that's a clever idea at all.

score 89 · Accepted Answer · answered Oct 20 '10 at 09:31

89

To get the password, just put sudo echo "Thanks." at the start of the script.

But I would prefer this solution:

if [[ $UID != 0 ]]; then
    echo "Please run this script with sudo:"
    echo "sudo $0 $*"
    exit 1
fi

answered Oct 20 '10 at 09:31

Aaron Digulla

321,842
108
597
820

Why `echo` for sudo if you can `sudo` directly? – Tobias Kienzler Oct 17 '12 at 12:02
1

@TobiasKienzler: Because the question asked for it. – Aaron Digulla Oct 17 '12 at 14:51
4

I had trouble using $UID on Solaris -- the var was blank when running a script with sudo. So I had to check for `id -u` instead. – Michael R Apr 22 '13 at 17:10
1

I know this is an old question, but for anyone else coming across it, you can do `sudo echo -n` if you want to prompt them for the password without echoing any text. The `-n` is used to suppress the trailing newline character. – Paccc Jun 23 '16 at 03:47
This would require that the user is allowed to run echo as root in the sudoers policy which would be a strange policy (except for maybe desktop boxes where the user is allowed to run all commands as all users on all hosts ...). – rexford Apr 12 '19 at 14:37

score 5 · Answer 2 · answered Feb 04 '17 at 02:32

5

For those who don't want to elevate the entire script (to limit risks by only using sudo within the script where needed) the first part of the accepted answer sudo echo "Thanks" works but won't respond to sudo password failure by exiting the script. To accomplish this, scripts that include sudo commands and want to ensure sudo access before it's used could start with

if [[ ! $(sudo echo 0) ]]; then exit; fi

The caveat is that you are relying on the existence of a sudoers timeout that will last the duration of your script to suppress the rest of the prompts.

answered Feb 04 '17 at 02:32

Travis R

349
4
6

this result is the same with or without using the sudo command. – Shōgun8 Jan 23 '23 at 19:24
@Shōgun8, I think maybe you've already run sudo, or are root? – Travis R Jan 23 '23 at 23:28

Paul Back · Answer 3 · 2019-09-06T16:02:27.133

2

Maybe a bit easier to read:

[ $(whoami) == "root" ] || exit

edited Sep 06 '19 at 16:02

answered Sep 06 '19 at 15:57

Paul Back

1,269
16
23

This doesn't exit by default .... `[ $(whoami) == "root" ] || (echo "No." && exit 1)` – Ray Foss Sep 21 '20 at 01:06

score 1 · Answer 4 · answered May 26 '18 at 02:43

1

Another way to go about it :

function checkSudo() {
    if ((EUID != 0)); then
        echo "Granting root privileges for script ( $SCRIPT_NAME )"
        if [[ -t 1 ]]; then
            sudo "$0" "$@"
        else
            exec 1>output_file
            gksu "$0" "$@"
        fi
        exit
    fi
}

answered May 26 '18 at 02:43

Mike Q

6,716
5
55
62

EUID probably needs a $ before it to dereference it. And what is "gksu"? – pmarreck Feb 08 '22 at 16:48

Bash scripts requiring sudo password

4 Answers4

Linked