Can I automate updating/upgrading with sudo in this way?

Question

Please consider this code:

alias fast='echo "password" | sudo -S apt-get update && sudo -S apt-get upgrade'

I have not yet had a problem using it but is it possible that if the first step, apt-get update takes a very long time, the password would lapse by the time the apt-get upgrade commands finally runs?

No? I've never looked into changing the hostname and I have no idea whether it's a good or bad thing to do. — , Jun 16 '12 at 06:59

score 2 · Accepted Answer · edited Apr 13 '17 at 12:24

but is it possible that if the first step, apt-get update takes a very long time, the password would lapse by the time the apt-get upgrade commands finally runs?

The answer is yes, sudo could time out and ask you for the password again.

Another method which is still insecure (but at least it does not require you writing a password to file) is described at How to run an application using sudo without a password?
If you want to proceed with an approach where you write your password down in cleartext, consider chaining the command together and use sh to execute it:
```
echo password | sudo sh -c "apt-get update && apt-get upgrade"
```
In this way, sudo requires you to enter the password only once, and sh is executed as root. Then any programs run by sh are automatically running as root.

Finally, you can pass the password twice to the separate programs:

echo password | sudo apt-get update && echo password | sudo apt-get upgrade

score 1 · Answer 2 · answered Jun 16 '12 at 07:12

1

I'm pretty sure the timeout for sudo is 15 minutes.

You can change that

sudo visudo

Add the timeout to this line

Defaults        env_reset

So for 20 minutes

Defaults        env_reset,timestamp_timeout=20

https://help.ubuntu.com/community/RootSudoTimeout

answered Jun 16 '12 at 07:12

23 93 26 35 19 57 3 89

5,636

Given it is 15 min and assuming apt-get update takes longer, would apt-get upgrade require re-entering the password with reference to the alias in the question? – Jun 16 '12 at 07:15
1

I should have edited the question title rather than answering it ;) – 23 93 26 35 19 57 3 89 Jun 16 '12 at 07:57
Yes, my question was poorly framed given what I really wanted to know. – Jun 16 '12 at 12:04
Such is life - not important - the information is there now and if someone happens across it and it helps them then that is good. – 23 93 26 35 19 57 3 89 Jun 16 '12 at 12:37

score 0 · Answer 3 · answered Jun 16 '12 at 12:36

I'm on mobile now so can't write a detailed answer. However, there's another possibility that might be a suitable compromise.

You can configure sudo to not ask for a password for the apt-get command. You set this using the visudo command. Since I don't have access to my Linux boxes now, I can't tell you how to do it, but you can try reading the man pages for sudoers, visudo, and anything referenced by those pages.

WARNING: Doing this could potentially allow anyone to run any apt-get command. You will have to judge whether the convenience of this method outweighs the additional security risk.

Can I automate updating/upgrading with sudo in this way?

3 Answers3