0

Sudo already tells the user when access is denied:

[jayman@this-machine:~]$ sudo echo hi [sudo] password for jayman: Sorry, try again. [sudo] password for jayman: Sorry, try again. [sudo] password for jayman: sudo: 3 incorrect password attempts 
[git@this-machine:~]$ sudo echo hi Sorry, user git may not run sudo on this-machine.

Sudo doesn’t, however, tell the user when access has been granted. Consider what happens when sudo dd if=foo of=bar gets run. For me, one of two things happens:

  1. Sudo prompts me for a password. I enter the password and see the terminal go to the next line, but dd doesn’t output anything for a while. I end up waiting a few seconds to make sure that Sudo isn’t waiting to say “Sorry, try again” and prompt me for the password again.
  2. Sudo doesn’t prompt me for a password because my credentials are cached. dd doesn’t output anything for a while. I end up waiting a few seconds to make sure that Sudo isn’t just taking a while to prompt me for a password.

If Sudo printed a message after my password was accepted, then I wouldn’t have to wait to figure out whether or not dd had started yet. Is there any way to get Sudo to print a message when access has been granted?

Improve this question

1 Answer 1

Reset to default
2

I ended up creating a Bash script named sudo:

set -e console="$(tty)" readonly console /path/to/real/sudo -v # Sudo normally writes directly to the terminal device instead of # writing to stdout, so that’s what I’m doing here echo Access granted. &> "$console" /path/to/real/sudo "$@"

Then, I set my PATH to "/path/to/fake/sudo/dir:$PATH". There are a few limitations to this solution:

  • It won’t work properly if credential caching is disabled.
  • If your credentials aren’t cached, then sudo --help or sudo -k will prompt for a password.
Improve this answer
2
  • 1
    You can avoid prompting all the time by asking sudo to run an innocuous command instead; /path/to/real/sudo echo Access granted. &> "$console". Commented Sep 14, 2023 at 15:25
  • Hm… I would rather not run a command with Sudo unless I have to, but that change would make the script shorter. Also, I should clarify the part that says “It will always prompt you for your password”. In reality, it will prompt for a password if there aren’t cached credentials already. Commented Sep 14, 2023 at 16:34

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.