sudo - prompt for comment/text


 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting sudo - prompt for comment/text
# 1  
Old 05-03-2010
sudo - prompt for comment/text

Hi. Is there any way to make sudo always prompt for a comment (requirement) before proceding with the actions?
# 2  
Old 05-03-2010
Wrap the sudo command

You can write a script that will prompt you for the requirement, store the command and response in a log file, then execute the command. Try something like the sample below. This will not work as it is, but it should help you get started.
Code:
#!/bin/bash
now=$(date +%Y%m%d_%H%M)
logFile=/Some/path/to/file.log
clear
echo '
Enter the reason for executing the command with elevated privileges: '
read response
echo 'Executed the '${*}' at '${now}' with a reason of '${response}'.' > $logFile
sudo $*

Call the script something like "mysudo," mark it executable, and execute it by typing:
Code:
mysudo someCommand

# 3  
Old 05-03-2010
Thanks. That would not prevent them from running sudo directly, however.
# 4  
Old 05-04-2010
Then, make an alias or function as sudo, and write this definition into it.

And if somebody calls sudo, your function should be called and after required actions, call sudo using absolute path.

And again, if somebody calls the sudo with absolute path, you cannot catch !
# 5  
Old 05-04-2010
The only way to prevent someone from calling sudo directly is to either remove their permissions or remove the file. Unless you want to have a new compiled executable written for your requirement, your best bet is to simply obscure the sudo function and use a script to call it if a user has entered a reason. You can have a script be executable and not readable.

Thegeek's suggestion to intercept the sudo call is a good one, although I'm not sure an alias will provide the consistency you want since users can simply redefine an alias. You can create a soft link (ln -s source/file destination/sudo) to your script and place the soft link in a location that is earlier in the search path than the sudo app.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. AIX

Sudo command prompt for a password

in the /etc/sudoer file this line was added: wtolentino ALL=(ORACLE) NOPASSWD: /bin/chmod when i tried to run this command sudo -u oracle /bin/chmod 775 /appshared/applications/lpa/executables/chrpt001.rep it prompts me for a password for example: $ pwd /appshared/applications/lpa... (2 Replies)
Discussion started by: wtolentino
2 Replies

2. Red Hat

Sudo Password Prompt over SSH

I am not sure what I am missing here. I have the following identical entry in /etc/sudoers on multiple Red Hat 6.4 servers. icinga ALL=NOPASSWD:/usr/bin/yum --security --exclude\="kernel*" check-update On one server when I enter the command over SSH as follows it works fine. ssh -t -q... (1 Reply)
Discussion started by: scotbuff
1 Replies

3. UNIX for Dummies Questions & Answers

Sudo -s without password prompt

hi, i have a requirement where i need to sudo to another user in the shell script.suppose consider user A and B, first user A calls a shell script and then i need to sudo to user B which executes another shell script inside the earlier one. also this needs to be automated like while sudo'ing to... (3 Replies)
Discussion started by: krk
3 Replies

4. Shell Programming and Scripting

ssh foo.com sudo command - Prompts for sudo password as visible text. Help?

I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this: #!/bin/bash rsync /path/on/local/machine/ foo.com:path/on/remote/machine/ ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
Discussion started by: fluoborate
9 Replies

5. UNIX for Dummies Questions & Answers

how to replace this text with comment

test compare shown] Replace this text with #test compare shown] (1 Reply)
Discussion started by: manoj.b
1 Replies

6. OS X (Apple)

Bash script prompt for sudo password?

I'm making a script that will be a double clickable .command file and I need it to prompt for the users admin password. So far I have: if ]; then sudo -p "Please enter your admin password: " date 2>/dev/null 1>&2 if ; then echo "You entered an invalid password... (2 Replies)
Discussion started by: PatGmac
2 Replies

7. Shell Programming and Scripting

sudo, use in script without prompt for password

I need to create an automated script where I have to use sudo to switch to multiple user so the script stops and prompts for password, Is there a way I can provide the password in same command only? Remember that, I cannot disable the password settings of sudo as I dont have rights. (4 Replies)
Discussion started by: gauravgrover50
4 Replies

8. Shell Programming and Scripting

comment text in a file

Hello folks Hope all are fine, I have query need suggestion, if these lines two lines are already commeted no need to do anything, one more thing order of alpha, gama may be different. I have a two lines in a file data.txt %checksum alpha gama beta penta hexa I want to do... (8 Replies)
Discussion started by: learnbash
8 Replies

9. Shell Programming and Scripting

Need to add a comment line in a text file

Hi I need to add a comment line at the begining of a text file. The scenario is given below. 1. The number of servers that needs to be updated is around 80 2. The location of the text file in all the servers are the same including the file name. 3. The comment has to be added at the very... (2 Replies)
Discussion started by: orakhan
2 Replies

10. UNIX for Dummies Questions & Answers

sudo in OS X shell script without password prompt??

I've written a shell script to alter a particular preference file on OS X (10.3.9), which works fine (tested by running the script from the terminal sat in front of the box). Problem is, I now have to run this script remotely across a number of machines via remote desktop, so where I've used the... (1 Reply)
Discussion started by: Brad_GNET
1 Replies
Login or Register to Ask a Question