#!/usr/bin/env bash # # Author: Georg Voell - georg.voell@standby.cloud # Version: @(#)check-sudo 3.3.1 16.03.2026 (c)2026 Standby.cloud # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/ # # This script can be used free of charge. Use it as is or customize as needed. It is not guaranteed to be # error free and you will not be reimbursed for any damage it may cause. # #@ Check if sudo is available and user is allowed to invoke it. #@ If password is needed, ask for it before doing 'sudo' and check if it is valid. #@ Returns exitcode 0 if user can do sudo - otherwise exitcode will be greater 0. #@ #@Usage: check-sudo [options] [key] #@ Options: #@ -h, --help : Displays helptext. #@ -v, --version : Displays the version of the script. # # Exit codes: # 01: **sudo** was not successful. # 02: **sudo** not found. Not in PATH or not installed. # 03: **sudo** does not work in cloud shell. # 99: User interrupt. # # See also: # **install-scripts**(1) # # Update history: # # V 1.0.0 08.01.2017 New version # V 3.0.0 04.05.2020 Rename script from 'askforsudo' to 'check-sudo' # V 3.0.1 30.05.2020 If user can do 'sudo' without a password - don't check any further # V 3.0.2 11.06.2020 Using library # V 3.1.0 05.06.2023 New copyright # V 3.2.0 11.09.2024 New minor version # V 3.2.1 05.12.2024 Option -c removed from help # V 3.3.0 19.01.2026 Revised with support of Claude Code # V 3.3.1 16.03.2026 Optimized: replaced backticks with $(); [ ] with [[ ]]; # echo|grep with [[ == -* ]]; removed obsolete result= from sudo -n # # Find executable bash library and source it lib=$(command -v lib.bash 2>/dev/null) if [[ -n "$lib" ]]; then source "$lib" else progdir=$(dirname "$0") if [[ -r "${progdir}/lib.bash" ]]; then source "${progdir}/lib.bash" else echo "Unexpected error: Unable to locate bash library 'lib.bash'." exit 1 fi fi # Preset param="" cloud="" # Check parameters: Loop until all parameters are used up while [[ $# -gt 0 ]]; do pname="${1}" case "$pname" in -c | --cloud) shift if [[ -n "$1" ]]; then cloud=$(ToUpper "$1") shift else errstr="Please specify a cloud_id (e.g. 'ORACLE-OPC' or 'ORACLE-OCI') after parameter '$pname'." fi ;; -v | --version) shift showversion=true ;; -h | --help) shift showhelp=true ;; *) shift if [[ "$pname" == -* ]]; then errstr="Unknown option '$pname'." else if [[ -z "$param" ]]; then param=$(ToLower "$pname") else errstr="Unknown additional parameter: '$pname'." fi fi ;; esac done # Display help or error message DisplayHelp # We do not need 'sudo' if we are root; only test sudo if not already root if [[ "$USER" != "root" ]]; then # Do we have sudo in PATH? sudo=$(filecheck -x sudo) if [[ -z "$sudo" ]]; then exitcode=2 else if [[ "$OCI_CLI_CLOUD_SHELL" == "True" ]]; then exitcode=3 else # Returns 0 if user can do sudo without entering a password - otherwise 1 $sudo -n true >/dev/null 2>&1 exitcode=$? if [[ $exitcode -gt 0 ]]; then printf "\n" printf "Enter password for user '%s' (needed by 'sudo').\n" "$USER" printf "If password is not set yet for this user, press 'control-c' and\n" printf "set password with command 'passwd' and start this script again.\n" if [[ "$cloud" == "ORACLE-OPC" && "$OS" == "SunOS" ]]; then printf "With Solaris you will have to set password for 'opc' and 'root'.\n" printf "Default password for Solaris and root is 'solaris_opc'.\n" fi # Check if the current user can do 'sudo' $sudo touch "$scratchfile" # Was 'sudo' successful? if [[ -f "$scratchfile" ]]; then # Delete the scratchfile - otherwise we can't write to it (created by root) $sudo rm -f "$scratchfile" exitcode=0 fi fi fi fi fi exit $exitcode