In Linux how to add a build step in Qt Creator that uses su privileges without getting the wrong password attempts on builds?

Question

My goal is to successfully link a folder to /opt/ directory- which needs to be run with sudo.

I have tried this:

 system(sudo ln -s $$OUT_PWD/xampp /         


        

Answer 1

@Logan You can cause sudo to use the ssh-askpass (GUI password request dialog) directly with its -A option, this can use the SUDO_ASKPASS environmental variable to override a /usr/bin/ssh-askpass value that may be configured in /etc/sudo.conf^[1] (like the suggestions of gksudo or kdesudo from @herophuong ). This gets around the security risk of the second solution in your answer that leaves the "password" visible to anything that can observe the commandline arguments. The equivalent to your first solution becomes:

sudo -A -s ./script

Don't forget that sudo may provide credential caching so that, if it has been used very recently (default 5 minutes?), a repeated invocation uses that cached password value instead of making another password request. If, for sanity/security reasons, this is not desired for a script (or elsewhere) use sudo -K with no other arguments to immediately clear any cached credentials (no password is needed for that usage) so that any subsequent sudo usage will require authentication.

_{1 - Remember to use visudo as root if you wish to edit /etc/sudo.conf to add:}

# Path to askpass helper program
Path askpass /usr/bin/ssh-askpass

Answer 2

As stated in a comment by Cameron Tinker you can set up Qt Creator to have a deploy step with the command gnome-terminal and arguments -e "sudo make install".

Effectively the same as running gnome-terminal -e "sudo make install"

Image is a screenshot of what this config looks like in Qt Creator :)

Qt Creator with sudo make install step with gnome terminal project settings

gksudo is no longer recommended or installed by default on Ubuntu

Answer 3

After a lot of research:

ssh-askpass Sudo Password | sudo -S bash ./script

Worked like a charm, it asks for the password in a separate window/prompt box. I added it under custom build steps. The important thing is to let sudo know that it will expect a password input via -S option.

echo "password" | sudo -S bash ./script

Also works with bash scripts, however as you might think it is insecure storing the sudo password inside the script. It is said that read permissions should fix that issue.

Answer 4

I think you should use gksudo (in GNOME) or kdesudo (in KDE). The commands will then use a window to prompt for your password.