A simple "sudo" script

dumas · 2007-11-13 08:18:43

Hi, I wrote a simple "sudo" script for people who prefer to use su rather than sudo.

#!/bin/bash
while [ -n "$1" ]
do
        command="${command} $1"
        shift
done
su -c "$command"

Usage:
put it in /usr/sbin, then for example, do
sudo pacman -Sy
Password:
enter root password

Advantages:
for those who don't like sudo, this sudo script is convenient for one line commands
simple bash completion

Hope you find it useful

Cerebral · 2007-11-13 12:00:46

Couldn't you just do:

#!/bin/bash

su -c "$@"

dumas · 2007-11-13 12:14:15

Ah, yes. Forgot the $@.
But with this simple script I don't see any reason to use the original sudo anymore. The time stamp is convenient but is also a potential security problem.

mucknert · 2007-11-13 12:17:29

Uh. sudo allows a much finer selection of rights. You can say what user or group is allowed to execute with its own password (or no password at all) instead of the root pw. That's a lot more than your script does and those are good reasons, too. Read up on sudo one day. You will be suprised.

Last edited by mucknert (2007-11-13 12:25:31)

Xilon · 2007-11-13 12:23:16

Cerebral wrote:

Couldn't you just do:
#!/bin/bash

su -c "$@"

Couldn't you just do:

alias sudo='su -c'

And what mucknert said...

dumas · 2007-11-13 13:25:08

Xilon wrote:

Couldn't you just do:
alias sudo='su -c'

That would require you to manually put ' ' around your command, and miss bash completion.

mucknert wrote:

Uh. sudo allows a much finer selection of rights. You can say what user or group is allowed to execute with its own password (or no password at all) instead of the root pw. That's a lot more than your script does and those are good reasons, too. Read up on sudo one day. You will be suprised.

Thanks for your suggestion, I just had a quick read through sudo and sudoers. This is some stuff I found:

The time stamp issue was never a big one, and you can configure the time or disable it. I find sudo -k useful too.

I thought sudo might add security risk if the user password was compromised, but you can configure sudo to ask for the root password. However, this would defeat the purpose for those who disable root.

I also have a questions: if you want to do access control, why would you prefer sudo over simple file permissions? Or is sudo primarily used as a finer access control scheme?

Again, thanks for your advice, I really appreciate it. Please point out anything wrong with my questions. The manual was pretty long, so I'm bound to miss something.

.:B:. · 2007-11-13 13:29:01

I'd rather specify the binaries a user can have root access to than to go change permissions on all those binaries, over and over with each upgrade.

Arch Linux

#1 2007-11-13 08:18:43

A simple "sudo" script

#2 2007-11-13 12:00:46

Re: A simple "sudo" script

#3 2007-11-13 12:14:15

Re: A simple "sudo" script

#4 2007-11-13 12:17:29

Re: A simple "sudo" script

#5 2007-11-13 12:23:16

Re: A simple "sudo" script

#6 2007-11-13 13:25:08

Re: A simple "sudo" script

#7 2007-11-13 13:29:01

Re: A simple "sudo" script

Board footer