Seems like I should run tomb commands only in terminal

[AimoE]

I am using a backup software that has web UI (locally, only on my laptop). I wanted to add a pre-op trigger to a backup set to check if any tombs are still open, using "tomb -q list". The backup software gives me an ugly warning, originating from a sudo command inside tomb script.

"sudo: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper"

When I run "tomb list" in terminal, it does not require sudo . Yet I get this message when I run it in this other context.

The warning message is so annoying that for now, I have opted to use "mountpoint -q" on each individual mountpoint, instead of the "tomb list" command. The way I have set up my backup set currently, all mount points are already known, but I would prefer to not hardcode that information all over.

[AimoE]

I had to retract my retraction (old text deleted). Using tomb without terminal still has sudo prompting for a password, regardless NOPASSWD: in sudoers.

Have you ever considered replacing sudo with pkexec?

[Narrat]

That's curious, because tomb list does require sudo when invoked.

$ tomb list

[sudo] Enter password for user Narrat to gain superuser privileges

So the behaviour/report of your backup program is correct. Maybe you set something in your sudoers in that regard so you don't see it when you invoke it from the terminal?

[jaromil]

Hi! we now have doas as alternative to sudo, does that fixes things somehow? in any case this opens support for more alternatives, perhaps pkexec is a good one for desktops. Also invokation of tomb from SUID process may be an option enabling use of sup.dyne.org

[jaromil]

this recent commit e0ba8c5 enables use of pkexec from the --sudo flag, plus autodetects if polkit's daemon is running and in that case sets it up. Manual is updated too.