When writing a shell script, in which some but not all commands in it need superuser privileges, shall I
- add sudo to those commands which need superuser privileges, and run the shell script without sudo, or
- don't add sudo to those commands which need superuser privileges, but run the shell script with sudo?
In the second way I will only need to provide my password once, but all the commands in the script will be run with superuser privileges, including those commands which don't need them.
In the first way I may need to provide my password multiple times for different sudo commands, while the superuser privileges are granted only to those commands which need them.
From a security perspective, the first way is better. For convenience, the second way is better.
- I have been thinking of adopting the first way. So I have to deal with the inconvenience of providing my passwords to multiple sudo commands in the shell script.
- A well written script would detect if it was running with the right permissions and not call sudo at all, but there's a lot of bad scripts
So should I use the second way? If so,
- how can I write "script would detect if it was running with the right permissions and not call sudo at all"?
- how can I improve its security to avoid the problem of giving superuser privileges to commands which don't need them when running the script with sudo?

Would this simple approach have the best of both approaches: add sudo to commands which only need it, and run the script with or without sudo depending on whether I want convenience or security? Does this approach have some problem?
Thanks.
Best Answer
To address your first issue:
There is a simple and POSIX check for root:
Alternatively, in Bash, more performance-driven coders might want to use:
Note that I intentionally wrapped the code in functions for re-use.
To address your second issue:
You can't do much about this. At least nothing comes to my mind. If I saw the script, I might have suggestions. But since you did not include it in your question... If you run the whole script with sudo or as root, I see no way to control this.
To address the comment:
In my scripts, I usually proceed with the latter approach, but that does not necessarily mean I recommend it to you. Because it depends on who the script is meant for - for root only; for user mostly with the exception of having some users having sudo rights; you would have to literally include your script into the question for me to be able to answer with any value.
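
An added example, not code from the question or the answer: one way to write a script that detects whether it already runs as root and calls sudo only when it does not, so it behaves the same whether it is started with or without sudo. The names is_root, as_root, prime_sudo and deploy, and the RUN_UID and SUDO variables, are assumptions made for this example.

```shell
#!/bin/sh
# Added example; all function and variable names here are hypothetical.

RUN_UID=$(id -u)   # effective UID of this process; 0 means root
SUDO=sudo          # elevation command, kept in a variable so it can be stubbed

# Succeeds only when the script already runs as root.
is_root() {
    [ "$RUN_UID" -eq 0 ]
}

# Run one command with root privileges: directly when already root,
# through sudo otherwise. Only commands wrapped in as_root are elevated.
as_root() {
    if is_root; then
        "$@"
    else
        "$SUDO" -- "$@"
    fi
}

# Authenticate once up front: sudo -v refreshes the cached credential, so
# later as_root calls inside sudo's timeout do not prompt. No-op for root.
prime_sudo() {
    is_root || "$SUDO" -v
}

# Constructed workflow: one unprivileged step, one privileged step.
deploy() {
    prime_sudo || return 1
    echo "build step runs as uid $RUN_UID"            # never elevated
    as_root echo "install step runs with privileges"  # elevated only here
}
```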