I've been given sudo access on one of our development RedHat linux boxes, and I seem to find myself quite often needing to redirect output to a location I don't normally have write access to.
The trouble is, this contrived example doesn't work:
sudo ls -hal /root/ > /root/test.out
I just receive the response:
-bash: /root/test.out: Permission denied
How can I get this to work?
Source: Tips4all, CCNA FINAL EXAM
Your command does not work because the redirection is performed by your shell which does not have the permission to write to /root/test.out. The redirection of the output is not performed by sudo.
ReplyDeleteThere are multiple solutions:
Run a shell with sudo and give the command to it by using the -c option:
sudo sh -c 'ls -hal /root/ > /root/test.out'
Create a script with your commands and run that script with sudo:
#!/bin/sh
ls -hal /root/ > /root/test.out
Run sudo ls.sh
Launch a shell with sudo and then run your commands:
$ sudo -s
% ls -hal /root/ > /root/test.out
% ^D
$
Use sudo tee (if you have to escape a lot when using the -c option):
sudo ls -hal /root/ | sudo tee /root/test.out > /dev/null
The redirect to /dev/null is needed to stop tee from outputting to the screen. Just in case someone needs it: to append to the output file, use tee -a or tee --append.
Thanks go to Jd, Adam J. Forster and Johnathan for the second, third and fourth solutions.
Someone here has just suggested sudoing tee:
ReplyDeletesudo ls -hal /root/ | sudo tee /root/test.out > /dev/null
This could also be used to redirect any command, to a directory that you do not have access to. It works because the tee program is effectively an "echo to a file" program, and the redirect to /dev/null is to stop it also outputting to the screen to keep it the same as the original contrived example above.
The problem is that the command gets run under sudo, but the redirect gets run under your user. This is done by the shell and there is very little you can do about it.
ReplyDelete[dsm@localhost:~]$ sudo command > /some/file.log
`-----v-----'`-------v-------'
command redirect
The usual ways of bypassing this are:
Wrap the commands in a script which you call under sudo
If the commands and/or log file changes, you can make the
script take these as arguments. For example:
sudo log_script command /log/file.txt
Call a shell and pass the command line as a parameter with `-c`
This is especially useful for one off compound commands.
For example:
sudo bash -c "{ command1 arg ; command2 arg ; }
> /log/file.txt;"
Make sudo run a shell, like this:
ReplyDeletesudo sh -c "echo foo > ~root/out"
How about writing a script?
ReplyDeleteFilename: myscript
#!/bin/sh
/bin/ls -lah /root > /root/test.out
# end script
Then use sudo to run the script:
sudo ./myscript
Whenever I have to do something like this I just become root:
ReplyDelete# sudo -s
# ls -hal /root/ > /root/test.out
# exit
It's probably not the best way, but it works.
Maybe you been given sudo access to only some programs/paths? Then there is no way to do what you whant. (unless you will hack it somehow)
ReplyDeleteIf it is not the case then maybe you can write bash script
cat > myscript.sh
#!/bin/sh
ls -hal /root/ > /root/test.out
press ctrl+d
chmod a+x myscript.sh
sudo myscript.sh
Hope it help.
A trick I figured out myself was
ReplyDeletesudo ls -hal /root/ | sudo dd of=/root/test.out