Redirecting a stdout to a file using sudo and tee
When you attempt to modify a file without write permission on it, you will get a
permission denied error. Changing the permission globaly on the file in question may not be the proper approach as it may open you to serious security holes, think about some files in /etc.
[me@host ~]$ touch donottouch.txt && sudo chown root donottouch.txt [me@host ~]$ cat donottouch.txt [me@host ~]$ echo "change stuff" > donottouch.txt -bash: donottouch.txt: Permission denied
echo won't help you since the redirection will still apply within your shell environment. Here is a few approaches to this problem.
You can obviously switch to a privileged user with
sudo -i (see
[me@host ~]$ sudo -i Password: [root@host ~]$ echo "change stuff" > donottouch.txt
Unfortunately, this approach do not work if you try to automate a task and you do not want the script to run as root. An option would be to use
sudo and eval the code properly in a one-liner:
[me@host ~]$ sudo sh -c 'echo "change stuff" > donottouch.txt' [me@host ~]$ cat donottouch.txt change stuff
A better approach, allowing finer-grained permission in sudoers file, would be to use a combination of
tee (aka pipe fitting).
The tee utility copies standard input to standard output, making a copy in zero or more files. The output is unbuffered.
[me@host ~]$ echo "change stuff" | tee donottouch.txt -bash: donottouch.txt: Permission denied [me@host ~]$ echo "change stuff" | sudo tee donottouch.txt Password: change stuff [me@host ~]$ cat donottouch.txt change stuff
If you don't want to see the text being display by tee, you just need to redirect stdout to
$ echo "change stuff" | sudo tee donottouch.txt >/dev/null Password: $ cat donottouch.txt change stuff
tee -a will allow you to append content as you would do with
👉 You can use that same method directly from
vimusing the combo
:w !sudo tee %. The
:wsend the buffer content to the following command. The
!execute an external command and
sudo teewill do as mentionned above.
vimrepresent the current file name.