Shell script: use sudo inside it vs run it with sudo

Tags: root, scripting, shell-script, sudo

When writing a shell script, in which some but not all commands in it need superuser privileges, shall I

  • add sudo to those commands which need superuser privileges, and run the shell script without sudo, or

  • don't add sudo to those commands which need superuser privileges, but run the shell script with sudo?

In the second way I will only need to provide my password once, but all the commands in the script will be run with superuser privileges, including those commands which don't need them.

In the first way I may need to provide my password multiple times for different sudo commands, while the superuser privileges are granted only to those commands which need them.

From a security perspective, the first way is better. For convenience, the second way is better.

  1. I have been thinking of adopting the first way. So I have to deal
    with the inconvenience of providing my passwords to multiple sudo
    commands in the shell script.

  2. Stephen Harris wrote:

    A well written script would detect if it was running with the right permissions and not call sudo at all, but there's a lot of bad scripts

    So should I use the second way? If so,

    • how can I write "script would detect if it was running with the right permissions and not call sudo at all"?

    • how can I improve its security to avoid the problem of giving superuser privileges to commands which don't need them when running
      the script with sudo?

  3. Would this simple approach have the best of both approaches:
    add sudo to commands which only need it, and run the script with or
    without sudo depending on whether I want convenience or security?
    Does this approach have some problem?

Thanks.

Best Answer

To address your first issue:

how can I write "script would detect if it was running with the right permissions and not call sudo at all"?

There is a simple and POSIX check for root:

#!/bin/sh
# Succeeds (exit status 0) only when the effective user ID is 0, i.e. root.
is_user_root ()
{
    [ "$(id -u)" -eq 0 ]
}

Alternatively, in Bash, more performance-driven coders might want to use:

#!/bin/bash
# Bash sets EUID itself, so no external id process is started; id -u is only the fallback.
is_user_root ()
{
    [ "${EUID:-$(id -u)}" -eq 0 ]
}

Note that I intentionally wrapped the code in functions for re-use.

To address your second issue:

how can I improve its security to avoid the problem of giving superuser privileges to commands which don't need them when running the script with sudo?

You can't do much about this. At least nothing comes to my mind. If I saw the script, I might have suggestions. But since you did not include it in your question... If you run the whole script with sudo or as root, I see no way to control this.

To address the comment:

What do you think of "use sudo inside it vs run it with sudo"

In my scripts, I usually proceed with the latter approach, but that does not necessarily mean I recommend it to you. Because it depends on who the script is meant for - for root only; for user mostly with the exception of having some users having sudo rights; you would have to literally include your script into the question for me to be able to answer with any value.
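
The root check from the answer combined with the question's third option, as an added example that is not part of the original question or answer. `as_root`, `as_invoker` and `prime_sudo` are hypothetical helper names, and the sketch assumes sudo is installed and that the sudoers policy lets root run commands as other users.

```shell
#!/bin/sh
# Added example; helper names other than is_user_root are hypothetical.

# POSIX root check, as in the answer above.
is_user_root() {
    [ "$(id -u)" -eq 0 ]
}

# Run a command with root privileges: directly when the script already
# runs as root, through sudo otherwise. The script never calls sudo
# when it does not have to.
as_root() {
    if is_user_root; then
        "$@"
    else
        sudo -- "$@"
    fi
}

# Run a command that needs no privileges. When the whole script was
# started with sudo, sudo exports SUDO_USER; hand the command back to
# that account instead of running it as root. If the script was started
# by root directly, SUDO_USER is unset and the command runs as root.
as_invoker() {
    if is_user_root && [ -n "${SUDO_USER:-}" ] && [ "$SUDO_USER" != root ]; then
        sudo -u "$SUDO_USER" -- "$@"
    else
        "$@"
    fi
}

# Ask for the password once, up front. Later sudo calls reuse the cached
# credential for as long as the sudoers policy allows.
prime_sudo() {
    is_user_root || sudo -v
}

# Usage inside a script (command names are placeholders):
#   prime_sudo
#   as_invoker some_unprivileged_command
#   as_root    some_privileged_command
```

With these wrappers the same script behaves sensibly either way it is started: without sudo, only the `as_root` commands are elevated; with sudo, the `as_invoker` commands are run as the invoking user again.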
