6

I would like my root-requiring bash script to be run from IntelliJ/WebStorm, asking me for the root password when I run it. Having my root password hardcoded in the script is a bad idea of course.

IntelliJ/WebStorm actually has a $Prompt$ macro for reasons like this, which prompts you and uses your input as a value.

So I tried using $Prompt$ along with echo YOURPASSWORD | sudo -S yourcommand as described in use-sudo-with-password-as-parameter.

Then I pass passwd & script to run to a sudorun.sh script echo -e $1 | sudo -S $2 $3 $4 (since echo can't be be the 'program' line) which although works on the CLI, it fails to read echo-stdin on the IntelliJ console.

Ideally, I would like the solution to be configured solely from within IntelliJ and not require specific OS configuration changes outside of IntelliJ.

Perhaps there are other ways to deal with this, so lets improvise!

Community
  • 1
  • 1
Angelos Pikoulas
  • 1,002
  • 1
  • 14
  • 21
  • 1
    Instead of allowing PhpStorm to execute the actual command, I recommend write custom shell script that will do all of these and execute it instead and only pass required parameters (path to project/file in question etc). – LazyOne Oct 26 '12 at 00:19
  • Sorry, this is not answering the main require: passing sudo pswd. I want to bind f.i. alt+b to './mybuild.sh' which for some reason requires sudo. How do I do that ? – Angelos Pikoulas Oct 26 '12 at 09:50
  • What I was trying to say -- invoke `sudo` (or whatever command it has to be) inside your actual script. If you are unable to even launch your `./mybuild.sh` from PhpStorm (because even launching it requires sudo) ... then I cannot really help here. – LazyOne Oct 26 '12 at 11:01
  • Even if you use sudo inside the script, how would you suggest passing the pswd from the IDE when invoking it ? – Angelos Pikoulas Oct 27 '12 at 12:55
  • My idea was that it will be asked inside the script and not passed from IDE. – LazyOne Oct 27 '12 at 15:13

4 Answers4

5

I, too, faced the same issue, but I work with sensitive data on my development machine and removing the password requirement for sudoers just isn't an option.

I was able to resolve this issue by launching the actual WebStorm application from the command line using the sudo command as follows:

sudo /Applications/WebStorm.app/Contents/MacOS/webide

Once WebStorm/PhpStorm are launched this way, you can run a script with root access without supplying root credentials.

Mark Bonano
  • 6,482
  • 2
  • 15
  • 12
4

Use the NOPASSWD feature of sudo. Add a rule like so to sudoers (via visudo or similar):

someuser      ALL = NOPASSWD: /usr/bin/interesting_program
%somegroup    ALL = NOPASSWD: /usr/bin/interesting_program
Brian Cain
  • 14,403
  • 3
  • 50
  • 88
  • 1
    useful, but not answering the main question: `run a sudo script from “external tools”` – Angelos Pikoulas Oct 26 '12 at 09:53
  • 1
    I was "finding another way to do this" by "improvising." :) Seriously, does this not address the challenge? `java` (the "external tool?") can invoke `sudo /usr/bin/interesting_program` and you no longer need to fiddle with sending a password to `sudo`. – Brian Cain Oct 26 '12 at 15:03
  • 2
    Yes, it is a working & generic solution, but its tied to the OS instead of the IDE, which is what I would prefer. – Angelos Pikoulas Oct 27 '12 at 12:54
3

I find myself automating a lot of my workflow, and running into the same issue. I don't want to punch a hole in my sudoer permissions, and I don't want to run my IDE as root either. A good solution that I've found is gksudo, on Ubuntu and many other Linux variants you'll find it installed by default. What gksudo does is it allows you to prompt the user(yourself) to input your password with a graphic overlay, much like Ubuntu/KDE/etc. do when you need to be root to perform an operation such as an update.

This will then prompt you to provide your password to escalate privilege, then execute a given command/program as root.

In the Edit Tool Window simply:

  1. Set the Program to /usr/bin/gksudo
    • gksudo may be located at a different path, try: whereis gksudo to find its path
  2. Set Parameters to all commands you want to execute in quotes
    • Ex. "mongod --fork --config /etc/mongodb.conf; service elasticsearch start"
    • Make sure you have the quotes!
  3. Set a working directory(if needed)
tsturzl
  • 3,089
  • 2
  • 22
  • 35
0

You can achieve it by creating your run configuration as Script text instead of a file. Then, you can define your script as echo $PASSWORD | sudo bash script. To load your password, you can set up direnv in your folder to load the required .env files automatically. PyCharm/WebStorm respect .env files and load them before running your command.

PyGuy
  • 434
  • 5
  • 15