[SOLVED] CLI - Pacman without password

DKRoots · 2019-09-22 13:18:55

Hello,

First, I am French, sorry for my English

For my project, i need to install several packages with PACMAN, is there a command line to bypass the password ?

for one example, here is a part my code :

def InstallGedit(self, popup):
	popup.destroy()
	os.system('gnome-terminal -x sudo pacman -S gedit')

I know it's not recommended but i will be the only one to use it, it's just for me.

I know th e process for modify the /etc/sudoers with visudo but it's not that i want. I just want a command line.

I know too that for allow install, we can write "yes | " before sudo pacman.... for automatically validate command.

Thanks you all.

Last edited by DKRoots (2019-09-22 19:51:02)

Trilby · 2019-09-22 13:21:55

DKRoots wrote:

I know th e process for modify the /etc/sudoers with visudo but it's not that i want.

Then you are out of luck. That is the right way of doing it.

DKRoots wrote:

I just want a command line.

It should be obvious that no process that needs to run as root could just have a command line flag to magically elevate it's privileges without any authentication.

Also note in your code, gnome-terminal doesn't serve any purpose. Just run pacman - if you are going to do dangerous things by running updates unsupervised, then there is no need for a terminal to flash on the screen.

EDIT: I suppose you could use sudo's --askpass with a program that just prints your password every time it is run. But this would be even far more ill-advised than everything else you're already doing.

Last edited by Trilby (2019-09-22 13:25:37)

WorMzy · 2019-09-22 13:25:34

If you don't want to configure sudo to not prompt for a password (and assuming you're equally disinclined to set up polkit), then your only other option is to run your code as root.

Mod note: Moving to NC.

DKRoots · 2019-09-22 13:40:47

I don't do anything dangerous or ill-advised, I just wanted to know if a kind of command line like this was possible, that's all

But, I understand, thank you for your quick reply

Last edited by DKRoots (2019-09-22 13:51:42)

seth · 2019-09-22 14:32:07

echo ijustexposedmypassword | sudo -S blahfoobar

But that *is* dangerous and ill-advised…

If you're expecting something like "sudo --iamtotallyallowedtodothisandneednotprovideanypassword /bin/somecommand" the proper description for such feature would be "retarded", thus it does not exist anywhere.

You could also SUID pacman, but we'd be back at "dangerous and ill-advised"…

Whatever your problem is, you're attacking it from the wrong angle, so step back and re-think the task. Feel free to ask back but we'd need details about the actual task at hand.

Trilby · 2019-09-22 15:13:34

~~Seth, that will not even work. `sudo` does not read the password from stdin.~~ (edit: oops, I guess it does with the -S flag I missed.)

Running the python process as root would most likely be the least-bad option. But then definitely get rid of those gnome-terminals.

Last edited by Trilby (2019-09-22 18:09:06)

seth · 2019-09-22 15:28:45

Mine does.

$ sudo --help
…
  -S, --stdin                   read password from standard input
…

sudo -k
echo noneofyourbusiness | sudo -S whoami

DKRoots · 2019-09-22 15:54:33

I understood that was bad idea and i forgot it.

Like I said earlier, the idea was just skip the password for each software that i wanted to insall.

I don't think that just intall "gedit" or "nano" (for example) by bypass the password is so dangerous but it doesn't matter.
It was for automatize the task without my interaction, just with a button.

Anyway ,I'm sorry asked such a very bad thing to you.

Thank you all for your replies

WorMzy · 2019-09-22 16:46:26

Nobody said it's a bad idea, just that you're unnecessarily creating barriers for yourself leaving yourself with only bad options.

So long as you don't leave yourself in a partial update situation, I don't think anyone cares how you invoke pacman.

In any case, please remember to mark your thread as solved by editing the first post and amending the topic title.

Trilby · 2019-09-22 18:02:27

DKRoots wrote:

I don't think that just intall "gedit" or "nano" (for example) by bypass the password is so dangerous

But sudo has no idea that this is what you are doing, and it is not conscious and thus cannot make case-by-case assessments of whether a command is not so danergerous.

And installing a package can be very very dangerous. As the post install scripts (as just one example) are run as root, this would allow any arbitrary command to be run as root. So allowing `pacman -S <whatever>` to run as root would mean that any command could run as root.

Arch Linux

#1 2019-09-22 13:18:55

[SOLVED] CLI - Pacman without password

#2 2019-09-22 13:21:55

Re: [SOLVED] CLI - Pacman without password

#3 2019-09-22 13:25:34

Re: [SOLVED] CLI - Pacman without password

#4 2019-09-22 13:40:47

Re: [SOLVED] CLI - Pacman without password

#5 2019-09-22 14:32:07

Re: [SOLVED] CLI - Pacman without password

#6 2019-09-22 15:13:34

Re: [SOLVED] CLI - Pacman without password

#7 2019-09-22 15:28:45

Re: [SOLVED] CLI - Pacman without password

#8 2019-09-22 15:54:33

Re: [SOLVED] CLI - Pacman without password

#9 2019-09-22 16:46:26

Re: [SOLVED] CLI - Pacman without password

#10 2019-09-22 18:02:27

Re: [SOLVED] CLI - Pacman without password

Board footer