When you attempt to modify a file without write permission on it, you will get a permission denied
error. Changing the permission globaly on the file in question may not be the proper approach as it may open you to serious security holes, think about some files in /etc.
[me@host ~]$ touch donottouch.txt && sudo chown root donottouch.txt
[me@host ~]$ cat donottouch.txt
[me@host ~]$ echo "change stuff" > donottouch.txt
-bash: donottouch.txt: Permission denied
Using sudo
before echo
won’t help you since the redirection will still apply within your shell environment. Here is a few approaches to this problem.
You can obviously switch to a privileged user with sudo -i
(see man sudo
):
[me@host ~]$ sudo -i
Password:
[root@host ~]$ echo "change stuff" > donottouch.txt
Unfortunately, this approach do not work if you try to automate a task and you do not want the script to run as root. An option would be to use sudo
and eval the code properly in a one-liner:
[me@host ~]$ sudo sh -c 'echo "change stuff" > donottouch.txt'
[me@host ~]$ cat donottouch.txt
change stuff
A better approach, allowing finer-grained permission in sudoers file, would be to use a
combination of sudo
and tee
(aka pipe fitting).
The tee utility copies standard input to standard output, making a copy in zero or more files. The output is unbuffered.
[me@host ~]$ echo "change stuff" | tee donottouch.txt
-bash: donottouch.txt: Permission denied
[me@host ~]$ echo "change stuff" | sudo tee donottouch.txt
Password:
change stuff
[me@host ~]$ cat donottouch.txt
change stuff
If you don’t want to see the text being display by tee, you just need to redirect stdout to /dev/null
.
$ echo "change stuff" | sudo tee donottouch.txt >/dev/null
Password:
$ cat donottouch.txt
change stuff
Using tee -a
will allow you to append content as you would do with >>
.
👉 You can use that same method directly from
vim
using the combo:w !sudo tee %
. The:w
send the buffer content to the following command. The!
execute an external command andsudo tee
will do as mentionned above.%
invim
represent the current file name.