How do I use sudo to redirect output to a location I don't have permission to write to?

前端 未结 15 1457
情深已故
情深已故 2020-11-22 07:23

I\'ve been given sudo access on one of our development RedHat linux boxes, and I seem to find myself quite often needing to redirect output to a location I don\'t normally h

相关标签:
15条回答
  • 2020-11-22 07:58

    Yet another variation on the theme:

    sudo bash <<EOF
    ls -hal /root/ > /root/test.out
    EOF
    

    Or of course:

    echo 'ls -hal /root/ > /root/test.out' | sudo bash
    

    They have the (tiny) advantage that you don't need to remember any arguments to sudo or sh/bash

    0 讨论(0)
  • 2020-11-22 07:58

    Maybe you been given sudo access to only some programs/paths? Then there is no way to do what you want. (unless you will hack it somehow)

    If it is not the case then maybe you can write bash script:

    cat > myscript.sh
    #!/bin/sh
    ls -hal /root/ > /root/test.out 
    

    Press ctrl + d :

    chmod a+x myscript.sh
    sudo myscript.sh
    

    Hope it help.

    0 讨论(0)
  • 2020-11-22 07:59

    Whenever I have to do something like this I just become root:

    # sudo -s
    # ls -hal /root/ > /root/test.out
    # exit
    

    It's probably not the best way, but it works.

    0 讨论(0)
  • 2020-11-22 08:00

    A trick I figured out myself was

    sudo ls -hal /root/ | sudo dd of=/root/test.out
    
    0 讨论(0)
  • 2020-11-22 08:00

    The problem is that the command gets run under sudo, but the redirection gets run under your user. This is done by the shell and there is very little you can do about it.

    sudo command > /some/file.log
    `-----v-----'`-------v-------'
       command       redirection
    

    The usual ways of bypassing this are:

    • Wrap the commands in a script which you call under sudo.

      If the commands and/or log file changes, you can make the script take these as arguments. For example:

      sudo log_script command /log/file.txt
      
    • Call a shell and pass the command line as a parameter with -c

      This is especially useful for one off compound commands. For example:

      sudo bash -c "{ command1 arg; command2 arg; } > /log/file.txt"
      
    0 讨论(0)
  • 2020-11-22 08:00

    Clarifying a bit on why the tee option is preferable

    Assuming you have appropriate permission to execute the command that creates the output, if you pipe the output of your command to tee, you only need to elevate tee's privledges with sudo and direct tee to write (or append) to the file in question.

    in the example given in the question that would mean:

    ls -hal /root/ | sudo tee /root/test.out
    

    for a couple more practical examples:

    # kill off one source of annoying advertisements
    echo 127.0.0.1 ad.doubleclick.net | sudo tee -a /etc/hosts
    
    # configure eth4 to come up on boot, set IP and netmask (centos 6.4)
    echo -e "ONBOOT=\"YES\"\nIPADDR=10.42.84.168\nPREFIX=24" | sudo tee -a /etc/sysconfig/network-scripts/ifcfg-eth4
    

    In each of these examples you are taking the output of a non-privileged command and writing to a file that is usually only writable by root, which is the origin of your question.

    It is a good idea to do it this way because the command that generates the output is not executed with elevated privileges. It doesn't seem to matter here with echo but when the source command is a script that you don't completely trust, it is crucial.

    Note you can use the -a option to tee to append append (like >>) to the target file rather than overwrite it (like >).

    0 讨论(0)
提交回复
热议问题