Permission denied at editing /etc/openvpn/credentials despite admin role

My company uses OpenVPN to access some services online. I use Fedora and I have issues downloading and using it with Fedora following this tutorial. Indeed when they ask me to Enter my login credentials

bash-5.1$ sudo echo "IGuessTheCredentialsMyCompanygaveMe" >> /etc/openvpn/credentials
bash: /etc/openvpn/credentials: Permission denied

So how can provide it my credentials so I can launch OpenVPN and import my config file?

1 Like

Hi,

Please try:

sudo su -
echo "IGuessTheCredentialsMyCompanygaveMe" >> /etc/openvpn/credentials

Thanks Tom.

echo "IGuessTheCredentialsMyCompanygaveMe" | sudo tee -a /etc/openvpn/credentials
3 Likes

The suggestions above will work, but perhaps an explanation would help people understand just why something that looked like an obvious correct thing was not.
The “sudo” command is not a shell operator that runs the entire remainder of the input line as root. Bash knows nothing of the special powers of sudo, it is just an executable to bash.
Bash and other shells will parse the input line of “sudo echo xxx >> /etc/stuff” as saying that it should open /etc/stuff in append mode for standard output, then create a process with executable “sudo” and arguments “echo” and “xxx”, and standard output being the opened file (if bash could open it).
So, opening /etc/stuff is done by bash with your account permissions, and if you don’t have rights to open /etc/stuff in append mode, the bash command line fails.
@alciregi example works because the target file is actually an argument to tee, and tee launched by sudo after sudo verified your rights to root access.
@tjdoyle example works because “su” will launch a new shell with the new (root, in this case) user privileges. That new root shell can open the target file in append mode as standard output, so the command succeeds.

Long ago in UNIX history, there was no sudo command, so you’d use “su” to take on the root role and run one or more commands as root. That was a bit dangerous as often you’d run more commands as root than you needed, potentially creating files as root when you meant to do so as your ordinary user, etc. You generally don’t want to overuse those privileges as they protect you from doing things accidentally that you might regret. Sudo allows you to use the privileges more precisely, does logging, and provides a variety of good access controls.

4 Likes

I discovered that sudo doesn’t work with shell redirection. So I used quotes and did something like this:

sudo sh -c 'echo clock_hctosys=\"YES\" >> /etc/conf.d/hwclock'
1 Like