Shell script remembering the password for a little longer

technossomy · December 6, 2024, 3:22pm

I have a C project consisting of about 1350 C-files which need to be compiled and am using the following script for that (edited for brevity):

echo -n Password: 
read -s password
echo
./configure
make
make check
sudo make install $password

Because of its size, when the script has reached the final make install step, it has already forgotten the password, at which point my script stalls. Currently I have two workarounds: 1: skip test file compilation and 2: execute make check after make install.

Is there a more structural solution such that my script remembers the password for a little longer?

vgersh99 · December 6, 2024, 4:01pm

scripts don't usually suffer from amnesia - something else is wrong.
First, instead of:

echo -n Password: 
read -s password

do

read -s -p 'Password: ' password

Secondly,
does your make install step take an optional $password parameter? I doubt it.
Are you trying to pass $password to sudo? What's the intent of:

sudo make install $password

Put set -x at the top of your script (after the she-bang - e.g. #!/bin/bash) and see what happens.
You can comment out ALL lines, but the last sudo line.

technossomy · December 6, 2024, 4:22pm

Thanks, will revert with my findings. And yes, some of my lines are from low-quality websites.

Paul_Pedant · December 6, 2024, 4:51pm

You could sudo bash into a new shell, which will retain the permissions indefinitely.

Then run your script, but execute any commands in it which need to be in user mode like:

### root ###: ~ # pwd; id
/root
uid=0(root) gid=0(root) groups=0(root)
### root ###: ~ # sudo -i -u paul -- bash -c ' pwd; id '
/home/paul
uid=1000(paul) gid=1000(paul) groups=1000(paul),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),115(lpadmin),136(sambashare)
### root ###: ~ #

technossomy · December 6, 2024, 8:02pm

This seems to work, albeit the removal of directories that were created in preparation for a rerun need root privileges also. Minor issue.

Done and was a useful debugging feature.

MadeInGermany · December 6, 2024, 9:10pm

Perhaps it's a sudo password? Then it is

echo "$password" | sudo --stdin make install

Neo · December 6, 2024, 9:10pm

I generally (on single user machines) put passwords and pass phases phrases into environmental variables and export them.

Peasant · December 7, 2024, 3:25am

You can also use pass utility

Define a var
MYCOMPILEP=$(pass show yourentry)

Once authorized, the script will have password in runtime.

Be aware tho, any method of examining the process would reveal such passwords baked into environment variables, likes of :
cat /proc/<PID of program>/environ

Regards
Peasant

Paul_Pedant · December 7, 2024, 12:02pm

For anything in your script that needs to run as sudo, you just use the plain command, as the whole script is already at the extended privileges level.

You only need to sudo -u myUser to user level for commands that need to use that user's permissions: for example, so the results of your compile are owned by that user, not by root.

The additional benefit is that you can apply the -u to different users for each such command, if you need to.