asking for root password from within a shell script

win32sux · 08-27-2006, 02:41 AM

i have a shell script which i want to be run as a non-root user, but near the end, it needs root permissions for a few commands... i would like my script to prompt me for the root password before it gets to the part that needs root privilages, so that it can proceed without problems... could you show me how to do it, please??

here's a simple illustration of what i mean:

Code:

#!/bin/sh

./configure && make

# Ask for root password here.

make install

# Drop root privilages here.

echo "Done."

thanks in advance!!!

jlliagre · 08-27-2006, 02:47 AM

No need to prompt the user for root password, su will do it for you:

Code:

su root -c "make install"

win32sux · 08-27-2006, 02:51 AM

thanks for the quick reply!!!

wait, so you're saying i just need to insert a line like that into the script?? if so, then wow - i had no idea it would be so simple... thanks again!!!

a follow-up question if i could: how would it work if i needed to execute several lines of commands as root?? would i need to put them all in a function and then give that to su?? or is there a more elegant way??

jlliagre · 08-27-2006, 03:00 AM

Quote:

Originally Posted by win32sux

thanks for the quick reply!!!

wait, so you're saying i just need to insert a line like that into the script??

Indeed.

Quote:

a follow-up question if i could: how would it work if i needed to execute several lines of commands as root?? would i need to put them all in a function and then give that to su?? or is there a more elegant way??

You can put all the commands in another shell script, not a function (if you mean a shell function).

If you want a self-contained solution, you can also pass several lines to su, like this:

Code:

su root -c "
make install
touch /tmp/done
ls -l /tmp/done
"

Beware of double quotes within the command though.

win32sux · 08-27-2006, 03:05 AM

awesome!! thanks so much man!!

win32sux · 08-27-2006, 07:32 AM

i'm trying this on my ubuntu box for now (will do it on slackware later)... the thing is, ubuntu doesn't like "su", so i'm using sudo for now... my question is: what would be the proper way to achieve your multi-line example with sudo instead of su:

Quote:

Originally Posted by jlliagre

Code:

su root -c "
make install
touch /tmp/done
ls -l /tmp/done
"

would i need to put a sudo command on *each* line like this??:

Code:

sudo make install
sudo touch /tmp/done
sudo ls -l /tmp/done

or is there a way i can get the self-contained type of thing like you did with the quotation marks and su??

jlliagre · 08-27-2006, 07:50 AM

The problem is su and sudo doesn't really work the same way, if you don't care giving root shell rights to the user account, you can try something like:

Code:

sudo /bin/bash -c "
make install
other commands
"

win32sux · 08-27-2006, 08:01 AM

interesting, thanks...

question regarding that: it looks like that is executing the commands in a new shell, right?? would variables which were set by the non-root user in the script (prior to the "sudo /bin/bash -c") be retained (and usable)??

also, when you mentioned the root shell rights, it sounds like using sudo is more dangerous, i'm a little confused... i mean, in both cases (su and sudo) i get prompted for the root password...

jlliagre · 08-27-2006, 08:18 AM

Quote:

Originally Posted by win32sux

interesting, thanks...

question regarding that: it looks like that is executing the commands in a new shell, right?? would variables which were set by the non-root user in the script (prior to the "sudo /bin/bash -c") be retained (and usable)??

As far as I know, exported variables are preserved.

Quote:

also, when you mentioned the root shell rights, it sounds like using sudo is more dangerous, i'm a little confused...

Sudo is less dangerous than giving the root password to a user.
What I meant is allowing bash root access for a user is like giving him/her full root access for any command.

Quote:

i mean, in both cases (su and sudo) i get prompted for the root password...

Nope, with sudo, you are prompted for the user's password, not root's one.

win32sux · 08-27-2006, 08:27 AM

Quote:

Originally Posted by jlliagre

As far as I know, exported variables are preserved.

great... i'm still working on my script but i should be able to test it properly soon...

Quote:

Sudo is less dangerous than giving the root password to a user.
What I meant is allowing bash root access for a user is like giving him/her full root access for any command.

oh, okay... i understand what you meant now - thanks...

Quote:

Nope, with sudo, you are prompted for the user's password, not root's one.

hehe, yeah, my bad... thanks for clearing that up...

win32sux · 08-27-2006, 11:02 AM

just wanted to let you know that i've finally tried the script on my slackware box and it worked FLAWLESSLY... i ended-up using your original "su -c" cuz i was too lazy to configure sudo on slackware... anyhow, just wanted to share the good news and thank you once again!!!

jlliagre · 08-27-2006, 02:42 PM

You're welcome, thanks for the feedback.