
What's the best way to test if a user can sudo in Bash?

Reading the sudo man page, I see that the -v flag can be used to check if the user has sudo privileges on his workstation. I have a piece of script that needs to test it. If the user does not have sudo privileges, it prints on screen:

Sorry, user tester may not run sudo on debian.

How can I suppress this message and just execute the rest of the code?

Try appending >/dev/null to your command. If the message is printed to stderr, use 2>/dev/null, or, as advised in the comments, use &>/dev/null to redirect both stdout and stderr to null.

Depends on what you mean by "can user sudo"

Short answer:

If can_auto_sudo=$(sudo -l -n sudo &>/dev/null; echo $?) is 0, you can sudo as much as you want.

Long Answer

  • Do you need to test before or can you just handle error cases?
  • How much do you need to know? The sudoer's real username is a valid piece of data to want, for example.
  • This question is often asking several different but related questions. So I will ask those more precisely and then answer for each.

1. Is this script being run using sudo?

[ $EUID -eq 0 ] || exit 1 # Exit if not effectively root

2. Can this user run a specific command as root using sudo?

sudo -l /usr/bin/program &>/dev/null || exit 2 # Exit if it can't run this as sudo

3. Can this user run sudo without interacting?

sudo -l -n /usr/bin/program &>/dev/null || exit 3 # Exit if requires interaction

4. Can I check all that ahead of time?

sudo -ll -U "$USER" # tells you which commands can be run with sudo by user (have to parse yourself)

5. Script being run with sudo or actually root?

[[ "$(printenv SUDO_USER)" = "" ]] || { echo "$SUDO_USER is sudoing!"; exit 5; } # Exit if invoked through sudo
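
An added example for item 4 (not part of the answer above): a small parser that turns `sudo -ll` output into one `runas<TAB>auth<TAB>command` line per allowed command. The function names and the sample text are constructed for illustration, and the parser assumes sudo's English (`LC_ALL=C`) long-list layout.

```sh
#!/bin/sh
# Added example: summarise `sudo -ll` output so a script can decide which
# commands it may run, and which of them need no password.
# Assumed layout: a "Sudoers entry:" header, indented "RunAsUsers:",
# "Options:" and "Commands:" fields, then one indented command per line.

parse_sudo_ll() {
    awk '
        /^Sudoers entry:/    { runas = "?"; auth = "password"; in_cmds = 0; next }
        /^[ \t]+RunAsUsers:/ { sub(/^[ \t]+RunAsUsers:[ \t]*/, ""); runas = $0; next }
        /^[ \t]+Options:/    { if ($0 ~ /!authenticate/) auth = "nopasswd"; next }
        /^[ \t]+Commands:/   { in_cmds = 1; next }
        /^[ \t]*$/           { in_cmds = 0; next }   # blank line ends an entry
        in_cmds              { sub(/^[ \t]+/, ""); printf "%s\t%s\t%s\n", runas, auth, $0 }
    '
}

# Only the commands that sudo will run without asking for a password.
nopasswd_commands() {
    parse_sudo_ll | awk -F '\t' '$2 == "nopasswd" { print $3 }'
}

# Constructed sample modelled on the long-list format (not captured output).
sample_sudo_ll() {
    printf 'User tester may run the following commands on debian:\n\n'
    printf 'Sudoers entry:\n    RunAsUsers: root\n    Options: !authenticate\n'
    printf '    Commands:\n\t/usr/bin/systemctl restart nginx\n\n'
    printf 'Sudoers entry:\n    RunAsUsers: ALL\n    Commands:\n\tALL\n'
}

# Demo on the sample. Against a live system, -n keeps sudo from prompting and
# the redirect hides the "may not run sudo" message:
#   LC_ALL=C sudo -n -ll 2>/dev/null | parse_sudo_ll
sample_sudo_ll | parse_sudo_ll
```

A user who is not in sudoers, or who would have to type a password just to list privileges, produces no lines at all, so treat empty output as "cannot sudo non-interactively" rather than as an error.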

Using sudo -l or --list

As per the man page, sudo can be used with -l or --list to get the list of allowed and forbidden commands for any particular user.

The syntax would be: sudo -l [-AknS] [-a type] [-g group] [-h host] [-p prompt] [-U user] [-u user] [command]

If we use sudo --list without any arguments, then it will print the list of allowed and forbidden commands for the user who is executing the sudo command:

sudo --list

User root may run the following commands on client:
    (ALL) ALL
