[sf-lug] sudo

[Alex Kleider]

On 2017-11-08 19:20, Akkana Peck wrote:

> I'm not sure why the export doesn't pass ap_ip through to the su
> shell. Seems like that should work, but you're right, it doesn't.
> But you could replace the single quotes with double quotes,
> and get rid of the inner double quotes:
> 
> sudo sh -c "echo $ap_ip  library library.lan rachel rachel.lan >> 
> /etc/hosts"
> 
> That won't preserve your extra whitespace.

No, the white space is NOT important and it works.
Thank you very much.

> If the whitespace is
> important, you could try single-quoting everything except the variable:
> 
> sudo sh -c "echo $ap_ip ' library library.lan rachel rachel.lan' >> 
> /etc/hosts"
> 
> with an appropriate number of spaces after the first single quote.
> 
> This will expand $ap_ip before it passes the string to sh -c,
> so make sure $ap_ip can't be set to anything evil. (Of course, that
> holds for anything you run from a script and pass to sudo sh -c,
> which can open the door to all sorts of fun security holes).
> 
>> [1] It so happens that the Raspberry Pi does not ask for a password
>> when an sudo command is issued (not sure how that is- not seen it
>> on any other Linux system.)
> 
> It's because the default "pi" user is in /etc/sudoers with NOPASSWD: 
> ALL.
> man sudoers for lots more information on how that works.

Soooo much to learn-  thanks again, Akkana, for the tip.

Alex