Getting root permissions on a file inside of vi?
https://stackoverflow.com/questions/1005
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Often while editing config files, I'll open one with vi and then when I go to save it realize that I didn't type
sudo vi filename
Is there any way to give vi sudo privileges to save the file? I seem to recall seeing something about this while looking up some stuff about vi a while ago, but now I can't find it.
Solution
% is replaced with the current file name, thus you can use:
:w !sudo tee %
(vim will detect that the file has been changed and ask whether you want to it to be reloaded. Say yes by choosing [L] rather than OK.)
As a shortcut, you can define your own command. Put the following in your .vimrc:
command W w !sudo tee % >/dev/null
With the above you can type :W<Enter> to save the file. Since I wrote this, I have found a nicer way (in my opinion) to do this:
cmap w!! w !sudo tee >/dev/null %
This way you can type :w!! and it will be expanded to the full command line, leaving the cursor at the end, so you can replace the % with a file name of your own, if you like.
OTHER TIPS
In general, you can't change the effective user id of the vi process, but you can do this:
:w !sudo tee myfile
Common Caveats
The most common method of getting around the read-only file problem is to open a pipe to current file as the super-user using an implementation of sudo tee. However, all of the most popular solutions that I have found around the Internet have a combination of a several potential caveats:
- The entire file gets written to the terminal, as well as the file. This can be slow for large files, especially over slow network connections.
- The file loses its modes and similar attributes.
- File paths with unusual characters or spaces might not be handled correctly.
Solutions
To get around all of these issues, you can use the following command:
" On POSIX (Linux/Mac/BSD):
:silent execute 'write !sudo tee ' . shellescape(@%, 1) . ' >/dev/null'
" Depending on the implementation, you might need this on Windows:
:silent execute 'write !sudo tee ' . shellescape(@%, 1) . ' >NUL'
These can be shortened, respectfully:
:sil exec 'w !sudo tee ' . shellescape(@%, 1) . ' >/dev/null'
:sil exec 'w !sudo tee ' . shellescape(@%, 1) . ' >NUL'
Explanation
: begins the command; you will need to type this character in normal mode to start entering a command. It should be omitted in scripts.
sil[ent] suppresses output from the command. In this case, we want to stop the Press any key to continue-like prompt that appears after running the :! command.
exec[ute] executes a string as a command. We can't just run :write because it won't process the necessary function call.
! represents the :! command: the only command that :write accepts. Normally, :write accepts a file path to which to write. :! on its own runs a command in a shell (for example, using bash -c). With :write, it will run the command in the shell, and then write the entire file to stdin.
sudo should be obvious, since that's why you're here. Run the command as the super-user. There's plenty of information around the 'net about how that works.
tee pipes stdin to the given file. :write will write to stdin, then the super-user tee will receive the file contents and write the file. It won't create a new file--just overwrite the contents--so file modes and attributes will be preserved.
shellescape() escapes special characters in the given file path as appropriate for the current shell. With just one parameter, it would typically just enclose the path in quotes as necessary. Since we're sending to a full shell command line, we'll want to pass a non-zero value as the second argument to enable backslash-escaping of other special characters that might otherwise trip up the shell.
@% reads the contents of the % register, which contains the current buffer's file name. It's not necessarily an absolute path, so ensure that you haven't changed the current directory. In some solutions, you will see the commercial-at symbol omitted. Depending on the location, % is a valid expression, and has the same effect as reading the % register. Nested inside another expression the shortcut is generally disallowed, however: such as in this case.
>NUL and >/dev/null redirect stdout to the platform's null device. Even though we've silenced the command, we don't want all of the overhead associated with piping stdin back to vim--best to dump it as early as possible. NUL is the null device on DOS, MS-DOS, and Windows, not a valid file. As of Windows 8 redirections to NUL don't result in a file named NUL being written. Try creating a file on your desktop named NUL, with or without a file extension: you will be unable to do so. (There are several other device names in Windows that might be worth getting to know.)
~/.vimrc
Platform-Dependent
Of course, you still don't want to memorize those and type them out each time. It's much easier to map the appropriate command to a simpler user command. To do this on POSIX, you could add the following line to your ~/.vimrc file, creating it if it doesn't already exist:
command W silent execute 'write !sudo tee ' . shellescape(@%, 1) . ' >/dev/null'
This will allow you to type the :W (case-sensitive) command to write the current file with super-user permissions--much easier.
Platform-Independent
I use a platform-independent ~/.vimrc file that synchronizes across computers, so I added multi-platform functionality to mine. Here's a ~/.vimrc with only the relevant settings:
#!vim
" Use za (not a command; the keys) in normal mode to toggle a fold.
" META_COMMENT Modeline Definition: {{{1
" vim: ts=4 sw=4 sr sts=4 fdm=marker ff=unix fenc=utf-8
" ts: Actual tab character stops.
" sw: Indentation commands shift by this much.
" sr: Round existing indentation when using shift commands.
" sts: Virtual tab stops while using tab key.
" fdm: Folds are manually defined in file syntax.
" ff: Line endings should always be <NL> (line feed #09).
" fenc: Should always be UTF-8; #! must be first bytes, so no BOM.
" General Commands: User Ex commands. {{{1
command W call WriteAsSuperUser(@%) " Write file as super-user.
" Helper Functions: Used by user Ex commands. {{{1
function GetNullDevice() " Gets the path to the null device. {{{2
if filewritable('/dev/null')
return '/dev/null'
else
return 'NUL'
endif
endfunction
function WriteAsSuperUser(file) " Write buffer to a:file as the super user (on POSIX, root). {{{2
exec '%write !sudo tee ' . shellescape(a:file, 1) . ' >' . GetNullDevice()
endfunction
" }}}1
" EOF
Ryan's advice is generally good, however, if following step 3, don't move the temporary file; it'll have the wrong ownership and permissions. Instead, sudoedit the correct file and read in the contents (using :r or the like) of the temporary file.
If following step 2, use :w! to force the file to be written.
When you go into insert mode on a file you need sudo access to edit, you get a status message saying
-- INSERT -- W10: Warning: Changing a readonly file
If I miss that, generally I do
:w ~/edited_blah.tmp
:q
..then..
sudo "cat edited_blah.tmp > /etc/blah"
..or..
sudo mv edited_blah.tmp /etc/blah
There's probably a less roundabout way to do it, but it works.
A quick Google seems to give this advice:
- Don't try to edit if it's read-only.
- You might be able to change the permissions on the file. (Whether or not it will let you save is up to experimentation.)
- If you still edited anyway, save to a temporary file and then move it.
Here's another one that has appeared since this question was answered, a plugin called SudoEdit which provides SudoRead and SudoWrite functions, which will by default try to use sudo first and su if that fails: http://www.vim.org/scripts/script.php?script_id=2709
I have this in my ~/.bashrc:
alias svim='sudo vim'
Now whenever I need to edit a config file I just open it with svim.
A quick hack you can consider is doing a chmod on the file you're editing, save with vim, and then chmod back to what the file was originally.
ls -l test.file (to see the permissions of the file)
chmod 777 test.file
[This is where you save in vim]
chmod xxx test.file (restore the permissions you found in the first step)
Of course I don't recommend this approach in a system where you're worried about security, as for a few seconds anyone can read/change the file without you realizing.
use gksudo instead of sudo for GVim i.e.
cmap w!! w !gksudo tee >/dev/null %
