I'm trying to create shortcut keys for some commonly used sudo shell commands (for example, having C-c s run (shell-command "sudo /etc/init.d/apache2 restart")).
I tried using a straight-up shell-command call as above, but it just outputs the following to the *Shell Command Output* buffer:
[sudo] password for Inaimathi:
Sorry, try again.
[sudo] password for Inaimathi:
Sorry, try again.
[sudo] password for Inaimathi:
Sorry, try again.
sudo: 3 incorrect password attempts
It doesn't actually ask for a password. I don't want to have to start up Emacs using sudo emacs, but I guess that's an option if nothing else will work.
The ideal solution would be a function from within Emacs (as opposed to OS jiggery-pokery to change the behaviour of the shell or the sudo command). Something like (sudo-shell-command "dostuff"), or (with-password-prompt (shell-command "sudo dostuff")).
How about:
(shell-command (concat "echo " (shell-quote-argument (read-passwd "Password? "))
" | sudo -S your_command_here"))
I frequently call commands from Emacs like aptitude update. scottfrazer's solution might not be as useful. Synchronous commands make me wait for a long time, and if you execute an unsupported program (for example, aptitude, which uses ncurses), you will hang up Emacs (C-g won't help), and CPU load will be 100%. Changing to async-shell-command solves this.
But it also introduces a new problem. If your command fails, your password will end up in *Messages* buffer:
echo PASSWORD | sudo -S aptitude: exited abnormally with code 1.
That's why i propose the following solution:
(defun sudo-shell-command (command)
(interactive "MShell command (root): ")
(with-temp-buffer
(cd "/sudo::/")
(async-shell-command command)))
Here "M" in interactive prompts for program name in minibuffer, with-temp-buffer creates a sham buffer, in which we change directory to /sudo::/ to use TRAMP for sudo prompt.
This is the solution by David Kastrup from sudo command with minibuffer password prompt @ gnu.emacs.help.
Note, you still shouldn't call aptitude directly, otherwise the subprocess will be there forever, until you send sudo pkill aptitude.
Read on shells and processes in manual.
If you're running emacs22 or later, you can just start up a shell from emacs and run your sudo command there. It'll automatically pull you into the minibuffer window for your password:
M-x shell
sudo whoami
This should just ask for your password down at the bottom of the screen (without displaying it).
Workaround (rather than an emacs solution):
Set up a ssh key pair so that no password is necessary.
Procedure:
- run
ssh-keygen to generate a pair of keys. Give them a useful name to keep them sorted out from all the others you'll make once you get use to this
- Copy the public one to
$HOME/.ssh for the receiving account
- Keep the private one in
$HOME/.ssh of the sending account (you could copy it to multiple sending accounts, but it might be better to make a separate keypair for every incoming machine)
- edit
$HOME/.ssh/config on the sending machine to tell ssh what key to use
- Profit
sudo attempts to open the terminal device (tty) to read the password. Your emacs process may not have a controlling terminal. sudo -S tells it to use the standard input for a password which should be coming from emacs.
EDIT: Scott's answer above is vastly preferable to this hack. Use that.
A possible solution:
I found out that setting a default password-asking utility solves this problem.
What I had to do is add Defaults:ALL askpass=/usr/lib/openssh/gnome-ssh-askpass to my /etc/sudoers file (using sudo visudo, obviously).
Eval-ing (shell-command "sudo /etc/init.d/apache2 restart") now prompts me for a password instead of trying to guess it unsuccessfully.
I'm not accepting this answer unless it becomes clear that there's no better solution; ideally I'd like something that solves the problem internally to Emacs instead of requiring you to poke around your /etc directory.
I used the following to start nmap from emacs as root,
http://nakkaya.com/sudoEl.markdown
