Support for non passwordless sudo (offering my contribution) #451
Description
What do you want?
Support for non passwordless sudo
Why do you want this?
Because sudo with no password it's against the principles of security first
Recommended solution
- give the ability to launch
sudowith-Sflag
-S, --stdin
Write the prompt to the standard error and read the password from the standard input instead of using
the terminal device.
- give the ability to launch
sudowith-Aflag and specifySUDO_ASKPASSenvironment variable
-A, --askpass
Normally, if sudo requires a password, it will read it from the user's terminal. If the -A (askpass)
option is specified, a (possibly graphical) helper program is executed to read the user's password and
output the password to the standard output. If the SUDO_ASKPASS environment variable is set, it
specifies the path to the helper program. Otherwise, if sudo.conf(5) contains a line specifying the
askpass program, that value will be used. For example:
# Path to askpass helper program
Path askpass /usr/X11R6/bin/ssh-askpass
If no askpass program is available, sudo will exit with an error.
SUDO_ASKPASS Specifies the path to a helper program used to read the password if no terminal is available
or if the -A option is specified
Additional context
Please, consider this as my offer to contribute with a PR for adding the feature. I've added the two alternative recommended solutions as the only two I'm aware of. Glad to consider other options and to implement all the ones that you consider acceptable.