Reputation: 407
prevent sudo command when executing a bash script
I am aware that I can prevent sudo command while I execute script; Suppose I have one test bash script and I don’t want that someone executes this script by issuing the following command:
username:~#sudo ./test
I implement one of following methods to prevent the above execution, I also implement one die method for that.
if [[ $UID = 0 ]] ; then
die "Please dont use sudo command with script"
fi
But i am not sure what I'm supposed to implement if root user themselves want to use the script. My above method will prevent root to use that script.
I am ok if root wants to execute script by this manner
root:~#./test
Upvotes: 1
Views: 1978
Answers (2)
Reputation: 195039
I think you could check $SUDO_USER
from man page of sudo:
SUDO_USER
Set to the login name of the user who invoked sudo.
a little test:
#!/bin/bash
[[ -z $SUDO_USER ]] && echo "Not from sudo" || echo "You are from sudo"
save it as t.sh then we have:
kent$ ./t.sh
Not from sudo
kent$ su
Password:
root# ./t.sh
Not from sudo
kent$ sudo ./t.sh
You are from sudo
Upvotes: 2
Reputation: 3239
There is an answer on serverfault. In essence, there are multiple environment variables set:
SUDO_COMMAND
SUDO_USER
SUDO_UID
SUDO_GID
As noted in the linked post, they can be faked by setting them by hand. It might help you in your case, though.
Upvotes: 1
Related Questions
- Use sudo without password INSIDE a script
- Bash: Preventing part of script from running as sudo
- Executing sudo command in bash script without displaying it
- Bash scripts requiring sudo password
- Shell script calls sudo; how do I suppress the password prompt
- sudo for single command in bash script
- Prompt for `sudo` only if Bash script runs into "Permission denied"
- Execute Shell script without sudo password
- Sudoers can't prevent commands from executing from bash shell script
- Write shell script that can only be run by a sudo user in Ubuntu