DEV Community: Marcelo Facio Palin

How to enable user passwordless sudo in WSL2 - Linux

Marcelo Facio Palin — Thu, 14 Nov 2024 13:56:02 +0000

Linux is a powerful and secure operating system, widely used by developers, system administrators, and enthusiasts. One key aspect of its security is its user permission model. In Linux, there is a distinction between regular users and the root user (administrator), who has the highest level of permissions. To perform administrative tasks, regular users need elevated privileges, which are granted via the sudo command.

By default, the sudo command prompts the user for their password, ensuring that administrative actions are intentional. However, in some development environments, such as Windows Subsystem for Linux 2 (WSL2), you may want to configure your user account to bypass the password prompt when using sudo. This can simplify workflows, especially for frequent administrative tasks.

In this tutorial, we will walk you through enabling passwordless sudo for your user account in WSL2.

Prerequisites

Before proceeding, ensure that:

You have WSL2 installed and configured on your Windows system.
You have administrative rights on your WSL2 Linux distribution.
You understand the security implications of enabling passwordless sudo.

Steps to Enable Passwordless Sudo

Follow these steps to grant your user account passwordless sudo access:

1. Verify Your Current User

First, verify which user account you are currently logged in as. Open your WSL2 terminal and run:

whoami

This will display your username. For this tutorial, we’ll refer to your username as $USER.

2. Edit the Sudoers Configuration Safely

To allow passwordless sudo for your user, we will create a custom configuration file under /etc/sudoers.d. This is the recommended approach because it avoids directly editing the main sudoers file, reducing the risk of misconfiguration.

Run the following command in your WSL2 terminal:

echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/dont-prompt-$USER-for-sudo-password

3. Explanation of the Command

Let’s break down the command:

echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL": This outputs a rule that allows the current user ($USER) to execute any command as any user or group without being prompted for a password.
sudo tee /etc/sudoers.d/dont-prompt-$USER-for-sudo-password: This writes the rule to a new configuration file in /etc/sudoers.d.

By creating a separate file, we keep the main sudoers file intact, ensuring better maintainability and avoiding potential syntax errors that could lock you out of administrative privileges.

4. Test Your Configuration

After running the command, test the passwordless sudo configuration:

sudo whoami

If everything is configured correctly, this command should output:

root

And you should not be prompted for your password.

Important Notes on Security

Use with Caution: Enabling passwordless sudo reduces the security of your Linux system. It is recommended only for development environments or scenarios where security risks are minimal.
Avoid in Production: In production environments, always use password-protected sudo to ensure a higher level of security.
Revert Changes: To remove passwordless sudo for your user, simply delete the custom sudoers file:

   sudo rm /etc/sudoers.d/dont-prompt-$USER-for-sudo-password

This will restore the default behavior.

By following this tutorial, you’ve successfully configured your WSL2 user account to execute sudo commands without a password prompt. This can streamline your workflow while working in a development environment. Remember to always prioritize security based on your specific use case!

Automatically Update ChromeDriver to Match Google Chrome Version for Selenium Scripts with HTTP/2 Streaming in Python

Marcelo Facio Palin — Wed, 01 Nov 2023 03:37:22 +0000

When working with Selenium for browser automation, it's crucial to keep the ChromeDriver version in sync with the installed Google Chrome version. Mismatched versions can lead to errors and failed scripts. That's why I've created a Python script to automate the process of updating ChromeDriver to match the Google Chrome version installed on your system.

Here's the script:

"""
    Description:

    Automatically updates the chromedriver.

    Requirements:

    Need to have sudo command permissions without password. To do this, run:
    echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/dont-prompt-$USER-for-sudo-password
    You will be prompted for the password one last time.

    python3 -m pip install --upgrade pip
    pip install tqdm httpx[http2]


    Author:           Marcelo Facio Palin
    Created:          2023-10-31
"""
import subprocess
import platform
import httpx
from tqdm import tqdm
import os
from pathlib import Path
import zipfile
import shutil

def get_chrome_version():
    try:
        version = subprocess.check_output(["google-chrome", "--version"]).decode("utf-8").split(" ")[2].strip()
        return version
    except Exception as e:
        print("Could not determine Google Chrome version. Make sure Google Chrome is installed and in the PATH.")
        print(e)
        return None

def get_platform():
    system = platform.system().lower()
    if system == "linux":
        return "linux64"
    else:
        return system

def get_chromedriver_version(chromedriver_path):
    try:
        version = subprocess.check_output([chromedriver_path, "--version"]).decode("utf-8").strip()
        return version
    except Exception as e:
        print(f"Could not determine ChromeDriver version at {chromedriver_path}. Error: {e}")
        return None

def download_chromedriver(chrome_version, platform):
    url = "https://googlechromelabs.github.io/chrome-for-testing/last-known-good-versions-with-downloads.json"
    response = httpx.get(url)
    if response.status_code != 200:
        print("Could not get download information. Status code:", response.status_code)
        return

    data = response.json()
    for channel, channel_data in data["channels"].items():
        if channel_data["version"] == chrome_version:
            for download in channel_data["downloads"]["chromedriver"]:
                if download["platform"] == platform:
                    download_url = download["url"]
                    print(f"Download link for ChromeDriver version {chrome_version} for {platform}: {download_url}")
                    return download_url

    print(f"Could not find ChromeDriver for version {chrome_version} and platform {platform}.")
    return None

def download_file(url, filename):
    with httpx.Client(http2=True) as client:
        with client.stream("GET", url) as response:
            if response.status_code != 200:
                print("Could not download the file. Status code:", response.status_code)
                return

            file_size = int(response.headers.get("Content-Length", 0))
            progress_bar = tqdm(total=file_size, unit="B", unit_scale=True, desc=filename)

            with open(filename, "wb") as file:
                for chunk in response.iter_bytes(1024):
                    progress_bar.update(len(chunk))
                    file.write(chunk)

            progress_bar.close()

    print(f"File saved at: {os.path.abspath(filename)}")

def install_chromedriver(zip_filename):
    extract_dir = "chromedriver_extract"
    with zipfile.ZipFile(zip_filename, 'r') as zip_ref:
        zip_ref.extractall(extract_dir)

    chromedriver_path = None
    for root, dirs, files in os.walk(extract_dir):
        if "chromedriver" in files:
            chromedriver_path = os.path.join(root, "chromedriver")
            break

    if chromedriver_path is None:
        print("Could not find the executable file of chromedriver.")
        return

    # Makes the file executable
    os.chmod(chromedriver_path, 0o755)

    # Installs chromedriver in /usr/local/bin
    try:
        subprocess.run(["sudo", "cp", chromedriver_path, "/usr/local/bin/chromedriver"], check=True)
    except subprocess.CalledProcessError as e:
        print("Could not install chromedriver in /usr/local/bin. Error: ", e)

    dir_path = Path("/opt/chromedriver")
    if not dir_path.exists():
        try:
            subprocess.run(["sudo", "mkdir", str(dir_path)], check=True)
        except subprocess.CalledProcessError as e:
            print("Could not create the directory /opt/chromedriver. Error: ", e)

    # Installs chromedriver in /opt/chromedriver
    try:
        subprocess.run(["sudo", "cp", chromedriver_path, "/opt/chromedriver/chromedriver"], check=True)
    except subprocess.CalledProcessError as e:
        print("Could not install chromedriver in /opt/chromedriver. Error: ", e)

    # Removes the extraction folder
    shutil.rmtree(extract_dir)

    print("Chromedriver successfully installed!")


def main():
    chrome_version = get_chrome_version()
    platform = get_platform()
    if chrome_version and platform:
        download_url = download_chromedriver(chrome_version, platform)

        if download_url:
            zip_filename = f"chromedriver_{chrome_version}_{platform}.zip"
            download_file(download_url, zip_filename)

            install_chromedriver(zip_filename)

            print("Download and installation successful!")
            print("Google Chrome version: ", chrome_version)

            usr_bin_version = get_chromedriver_version("/usr/local/bin/chromedriver")
            if usr_bin_version:
                print("ChromeDriver version in /usr/local/bin: ", usr_bin_version)

            opt_chromedriver_version = get_chromedriver_version("/opt/chromedriver/chromedriver")
            if opt_chromedriver_version:
                print("ChromeDriver version in /opt/chromedriver/chromedriver: ", opt_chromedriver_version)

            print("Platform: ", platform)
        else:
            print("The download was not successful.")

if __name__ == "__main__":
    main()

Key Features of Our Script:

Utilizes the httpx library with HTTP/2 and stream to efficiently handle file downloads.
Always matches the ChromeDriver version with your installed Google Chrome version.
Places the ChromeDriver executable in the necessary directories, ensuring your Selenium scripts run seamlessly.
By leveraging the power of HTTP/2, our script provides faster and more reliable file downloads. Plus, with httpx stream, we can efficiently handle large files without consuming excessive memory.

Before running the script, please ensure you have configured your system to allow sudo commands without a password prompt by running the following command:
echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/dont-prompt-$USER-for-sudo-password

This step is important because we need to place the ChromeDriver executable in directories that require root permissions, and we want the process to be as smooth as possible.

Feel free to try out our script and let us know your thoughts. We hope it helps you maintain a seamless testing environment for your Selenium projects.

Happy testing!

Best,
Palin

Resolvendo o problema do Permission Denied do Docker

Marcelo Facio Palin — Thu, 13 Apr 2023 23:25:24 +0000

Olá, amigos nerds! Você já se deparou com o irritante erro "Permission Denied" ao tentar utilizar o Docker? Bem, se você está aqui, eu aposto que sim. Mas não se preocupe, vamos mandar esse erro para o espaço! 🚀

Cenário do problema:

O Docker está instalado no seu sistema, mas ao executar comandos como "docker run" ou "docker ps", você se depara com a seguinte mensagem de erro:

permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock

Parece complicado, né? Mas não se preocupe, vou te mostrar a solução! 🧩
Inclusive pode encontrar a solução na documentação oficial: https://docs.docker.com/install/linux/linux-postinstall/#manage-docker-as-a-non-root-user

Aqui está um passo a passo simples e eficaz para resolver esse problema:

Primeiro, vamos verificar se o seu usuário faz parte do grupo "docker". Execute o seguinte comando:

$ grep docker /etc/group

Se o resultado mostrar o seu nome de usuário ao lado de "docker", você já está no grupo! Mas se não, não se desespere, pois temos uma solução!

docker:x:999:seu_usuario

Agora, vamos adicionar o seu usuário ao grupo "docker". Abra o terminal e digite o seguinte comando (substitua "seu_usuario" pelo seu nome de usuário):

$ sudo usermod -aG docker seu_usuario

Se não sabe qual é seu usuário no linux basta digitar:

$ whoami

Parabéns! Você acabou de dar um passo importante para resolver esse enigma!

Após executar o comando anterior, faça logout da sessão atual e faça login novamente para que as alterações entrem em vigor. Como alternativa, você pode executar:

$ newgrp docker

Este comando iniciará uma nova sessão de shell com a associação de grupo atualizada, mas é recomendável fazer logout e login novamente para garantir que as alterações se apliquem a todas as suas sessões de shell atuais e futuras.

Finalmente, verifique se o erro foi resolvido executando o comando "docker ps". Se você não encontrar mais o erro, comemore! 🎉

E aí está, problema resolvido!

Outra solução:

sudo chmod 666 /var/run/docker.sock

Por quê esta não é a melhor solução?

Segundo a documentação https://docs.docker.com/engine/security/#docker-daemon-attack-surface

A execução de contêineres (e aplicativos) com o Docker implica na execução do daemon do Docker. Este daemon requer rootprivilégios, a menos que você opte pelo modo sem raiz e, portanto, esteja ciente de alguns detalhes importantes.

Em primeiro lugar, apenas usuários confiáveis devem ter permissão para controlar seu daemon Docker . Essa é uma consequência direta de alguns recursos poderosos do Docker. Especificamente, o Docker permite que você compartilhe um diretório entre o host do Docker e um contêiner de convidado;

Resolvendo o problema do popup de recursos do Flameshot no Ubuntu 22.04

Marcelo Facio Palin — Thu, 13 Apr 2023 22:42:39 +0000

O Flameshot é uma poderosa ferramenta de captura de tela para Linux, que permite aos usuários tirar screenshots e fazer anotações diretamente nas imagens capturadas.

Se você acabou de instalar o Ubuntu 22.04 e está enfrentando problemas para usar todos os recursos do Flameshot, este guia irá ajudá-lo a resolver esses problemas e aproveitar ao máximo esta excelente ferramenta.

Passo 1: Instalar o Flameshot

Abra o terminal e execute os seguintes comandos para instalar o Flameshot:

sudo apt update sudo apt install flameshot

Passo 2: Configurar o Flameshot para funcionar corretamente

O Ubuntu 22.04 utiliza o servidor gráfico Wayland por padrão, o que pode causar alguns problemas de compatibilidade com o Flameshot. Para resolver isso, siga os passos abaixo:

Abra o terminal e digite o seguinte comando para editar o arquivo custom.conf do GDM:

sudo nano /etc/gdm3/custom.conf

Descomente a linha:

WaylandEnable=false

removendo o símbolo # no início da linha. Em seguida, salve o arquivo e feche o editor pressionando Ctrl + X, seguido de Y e Enter.

Adicione a variável de ambiente QT_QPA_PLATFORM=xcb ao seu arquivo .bashrc ou .zshrc (dependendo do shell que você está usando). Para fazer isso, abra o arquivo no terminal com um dos seguintes comandos:

nano ~/.bashrc
ou
nano ~/.zshrc

Insira a seguinte linha no final do arquivo:

export QT_QPA_PLATFORM=xcb

Salve o arquivo e feche o editor, como explicado no Passo 2.
Reinicie o computador para que as alterações entrem em vigor.

Com essas configurações, o Flameshot deve funcionar corretamente no Ubuntu 22.04, permitindo que você use todos os recursos de captura e marcação de tela.