Home Explore Help
Sign In
adnan360
/
code-backups
Watch 2
Star 2
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 3c8873224d
Branches Tags
code-backups
/
bash
/
sudo-gui-password
adnan360 8e828a99e7 Add sudo GUI password prompt example 3 years ago
..
README.md 8e828a99e7 Add sudo GUI password prompt example 3 years ago
passprompt.sh 8e828a99e7 Add sudo GUI password prompt example 3 years ago
run.sh 8e828a99e7 Add sudo GUI password prompt example 3 years ago

README.md

GUI sudo password prompt in bash

When scripts are run from GUI and not from a terminal, there are no sudo password prompts shown. For example, reboot/shutdown menu in openbox implemented with rofi or dmenu. On some systems it takes sudo reboot and a sudo password input to do a reboot. This is tricky to do in GUI. Unless polkit or any other solution is used and properly configured, it is not possible to run sudo commands from GUI. Not every system has polkit or other solutions installed. So this is a problem.

sudo has a -A or --askpass parameter which can use any program/script that can take an input and then print the input as a password prompt. e.g. Run ssh-askpass on a terminal, enter something and you'll see your input being printed out. It just prints the input to stdout. So this can be used for askpass.

Any program/script that can do this basic thing can be used with SUDO_ASKPASS to replace the default cli sudo password prompt. But it's recommended to use masked password prompt whenever possible. That means one which does not show the input on screen when being typed. It's not good to show sudo password on screen when it is being input because any person passing by can see the password.

A small note though, I am not aware if this solution has any security issues.

ssh-askpass

If you have ssh-askpass installed on your system:

SUDO_ASKPASS=`which ssh-askpass` sudo -A <some command>

For example, running "SUDO_ASKPASS=which ssh-askpass sudo -A " can be used to reboot the system.

rofi or anything else

If you don't have ssh-askpass and want to use something else, just make a simple file like this:

~/passprompt.sh

#!/usr/bin/env bash
rofi -dmenu -i -p 'sudo password' -password -theme-str 'inputbar {children: [prompt,entry];} listview {lines: 0;}'

SUDO_ASKPASS does not accept command with parameters. This is a workaround to make it take our parameters. We'll just set this script as SUDO_ASKPASS.

Make it executable with: chmod +x ~/passprompt.sh

Then run:

SUDO_ASKPASS="$HOME/passprompt.sh" sudo -A <some command>

This will first ask for password if sudo requires it. Then it will run the command. e.g. You can run SUDO_ASKPASS="$HOME/passprompt.sh" sudo -A reboot to have a script running in the GUI to ask for password and reboot.

Example

This dir has 2 scripts as an example to ask for the sudo password in GUI and then run any command as sudo. Just try:

./run.sh <some command>

For example, running ./run.sh reboot will ask for sudo password (probably won't if exception is configured) and reboot the system.