FedoraForum.org - Fedora Support Forums and Community
Results 1 to 7 of 7
  1. #1
    Join Date
    Aug 2011
    Location
    Luton, UK
    Age
    32
    Posts
    291

    sudo NOPASSWD to .bashrc alias?

    I've set up an alias in .bashrc (let's call it alias1), and am trying to set up a sudo NOPASSWD rule for that particular command. Is there a way to do this?

    So far, I've attempted:

    user ALL = NOPASSWD: alias1
    user ALL=(ALL) NOPASSWD: alias1

    But keep getting told I have a syntax error - presumably this is because visudo doesn't recognise alias1?

    I've already checked that alias1 works correctly, so I assume I'm just referring to it incorrectly. Any suggestions?

  2. #2
    Join Date
    Aug 2009
    Location
    Waldorf, Maryland
    Posts
    7,346

    Re: sudo NOPASSWD to .bashrc alias?

    You can't do that.

    A bash alias only exists within the memory of the bash interpreter. Sudo is not bash.

    And even if you could, you shouldn't - nothing would prevent the user from changing the value of the alias to something else, and then running that something else at elevated privilege.

  3. #3
    Join Date
    Aug 2011
    Location
    Luton, UK
    Age
    32
    Posts
    291

    Re: sudo NOPASSWD to .bashrc alias?

    Right - question answered! I'll mark this as solved - thank you~

  4. #4
    Join Date
    Aug 2011
    Posts
    95

    Re: sudo NOPASSWD to .bashrc alias?

    instead you can specify the command with fixed options to restrict usage of that command

    servlet and jsp event handling
    Last edited by Redagadir; 21st December 2011 at 09:08 AM.

  5. #5
    Join Date
    Aug 2011
    Location
    Luton, UK
    Age
    32
    Posts
    291

    Re: sudo NOPASSWD to .bashrc alias?

    Quote Originally Posted by Redagadir
    instead you can specify the command with fixed options to restrict usage of that command
    Out of curiosity, how would I do that?

    To put more context to the issue, I found out why the password was necessary for the command in the first place. This is the line from my .bashrc file:
    Code:
    alias wiiclem='wminput -r -c /home/neko/wiimoteconfigs/wminput-clementine.config'
    The problem was that wminput needs to use /dev/uinput, which has restricted access by default. I could change the permissions on it, which removed the need to enter a password, but as I later found out, this was only a temporary fix because everything in /dev regenerates on boot, meaning I had to change the permissions again. By adding this to /etc/rc.local:
    Code:
    chgrp (group) /dev/uinput
    chmod 660 /dev/uinput
    I assigned uinput to my group on startup and gave my group read/write access, thus removing the need to enter a password when running wiiclem

    If the fixed options path is likely to be easier/more elegant/more secure/more 'correct', though, I'd be happy to hear it for future reference!

  6. #6
    Join Date
    Aug 2009
    Location
    Waldorf, Maryland
    Posts
    7,346

    Re: sudo NOPASSWD to .bashrc alias?

    Not necessarily.

    The problem isn't "easier/more elegant" but secure.

    Remember that you are giving the program elevated privileges, and if it can be coerced into doing something malicious then it isn't a good idea.

    Changing the ownership/modes of /dev/uinput at boot time would be better IF it does not have anything too special about it (like /dev/random).

    I don't think /dev/uinput has been completely configured into the system yet or something like that would have been done by now. You can report it as a bug/enhancement, and report a workaround such as putting the command "chmod +r /dev/uinput" (or maybe +rw if it needs initialization written to it) in the file /etc/rc.local. This will have the chmod run after everything else, and make the /dev/uinput device available for everyone.

  7. #7
    Join Date
    Aug 2011
    Location
    Luton, UK
    Age
    32
    Posts
    291

    Re: sudo NOPASSWD to .bashrc alias?

    That really is one of those glaringly obvious alternatives, isn't it? Thank you!

Similar Threads

  1. Cannot open /var/db/sudo after sudo package upgrade
    By Replicant10000 in forum Security and Privacy
    Replies: 1
    Last Post: 16th September 2010, 01:25 PM
  2. awk alias and .bashrc problem
    By giulianoz in forum Using Fedora
    Replies: 2
    Last Post: 17th August 2009, 05:08 PM
  3. How to Change Firefox Alias or any Alias?
    By FergatROn in forum Using Fedora
    Replies: 1
    Last Post: 3rd June 2008, 09:18 PM
  4. sudo and NOPASSWD
    By sentry in forum Using Fedora
    Replies: 21
    Last Post: 19th May 2006, 10:04 PM
  5. sudo question (host alias)
    By arc2v in forum Using Fedora
    Replies: 2
    Last Post: 23rd June 2005, 01:37 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •