40

I would like to have script that is doing automated migrations of websites from another be able to append Includes to the /etc/httpd/conf.d/vhosts.conf file.

However, when I try to use echo to put append a string to the end of the file I get this:

$ sudo echo "Include thing" >> /etc/httpd/conf.d/vhosts.conf
-bash: /etc/httpd/conf.d/vhosts.conf: Permission denied

and yet I can vi /etc/httpd/conf.d/vhosts.conf, add the line and :wq the file to save and close it.

What am I missing?

Martin Schröder
  • 315
  • 1
  • 5
  • 24
Nick Weavers
  • 501
  • 4
  • 8
  • 2
    Not a perfect dup question wise, but the same answer. https://serverfault.com/q/213347/984 heck, I almost looks I copied their answer, except I just wrote mine, and then found the dup after the fact. – Zoredache Jan 24 '20 at 00:25
  • 1
    Please consider using sudoedit instead – D. Ben Knoble Jan 24 '20 at 17:37
  • 7
    There it is again, the famous `sudo tee` question ... as seen on [superuser](https://superuser.com/questions/136646/how-to-append-to-a-file-as-sudo) or [askubuntu](https://askubuntu.com/questions/103643/cannot-echo-hello-x-txt-even-with-sudo) and [U&L](https://unix.stackexchange.com/questions/4335/how-to-insert-text-into-a-root-owned-file-using-sudo/4337#4337) – Thomas Weller Jan 24 '20 at 22:07
  • This has already been asked and answered it is is a duplcate of https://serverfault.com/questions/540492/sudo-echo-bla-etc-sysctl-conf-permission-denied – user557178 Jan 25 '20 at 07:57
  • Does this answer your question? [\`sudo echo "bla" >> /etc/sysctl.conf\` permission denied](https://serverfault.com/questions/540492/sudo-echo-bla-etc-sysctl-conf-permission-denied) – Jasen Jan 25 '20 at 10:34
  • My questions was better phrased, which I think has been endorsed by the fact it has been up-voted more times that the other question that has been suggested. I believe the answer given by Zoredache is much better too, which is also reflected in more upvotes than the other. I think there are too many "this is a duplicate" comments. If the question is a duplicate, let the voters decide which question was better phrased and answered with their votes. Hopefully "search" will then factor that in and deliver the questioner results with the best matches. Darwin was right. – Nick Weavers Jan 25 '20 at 11:04
  • The key point is that the "open for append" is done/attempted before the sudo command is even run. So sudo doesn't get involved. – Matthew Hannigan Jan 27 '20 at 02:52

1 Answers1

78

Sudo elevates the process it calls, it does not elevate any of the current shell's processing like redirection, globbing, etc.

The file redirection >> /etc/httpd/conf.d/vhosts.conf is being processed by your current shell, which is still running under your current privileges.

You could try something like this.

sudo bash -c 'echo "Include thing" >> /etc/httpd/conf.d/vhosts.conf'

Or 

echo "Include thing" | sudo tee -a /etc/httpd/conf.d/vhosts.conf
Zoredache
  • 128,755
  • 40
  • 271
  • 413
  • Would it also work to say `sudo (command >> file)` ? – WGroleau Jan 24 '20 at 18:31
  • 6
    @WGroleau, no, that doesn't work; `sudo` needs its argument to be something it can use the `execve()` syscall to invoke. A shell compound command can't be invoked that way (whereas a shell with an argument that is code giving it that compound command can) -- so `sudo sh -c 'command >> file'` becomes `execvp("sh", {"sh", "-c", "command >> file", NULL})`, but without the `sh -c` or `bash -c`, there isn't really anything you can translate that command into. – Charles Duffy Jan 24 '20 at 18:35
  • Because I hate nesting quotes, I'd just sudo bash, then type the echo command in the new shell. Or just sudo su -l. – CarlF Jan 24 '20 at 18:56
  • @CarlF, that’s usually my approach, especially when I expect to use more than one command. – WGroleau Jan 24 '20 at 22:38
  • @CarlF `sudo -i` to the rescue – vikarjramun Jan 26 '20 at 21:43