[SOLVED] [Question]Correct way to run script(which has sudo commands) without password?
FedoraForum.org - Fedora Support Forums and Community
Results 1 to 6 of 6
  1. #1
    Join Date
    Apr 2018
    Location
    Finland
    Posts
    97
    Linux (Fedora) Chrome 67.0.3396.79

    Question [Question]Correct way to run script(which has sudo commands) without password?

    FOUND ONE SOLUTION ABOUT 20MIN AFTER POSTING
    I created symlink to script in /usr/local/bin and that allows me to run script just with 'sudo restartEddie.bash'(no need for alias). I didn't realize that the sudo couldn't find script from my home folder, because the tab auto-complete worked.
    BTW Would creating hard link instead of symlink make more sense in this kind of thing?
    ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

    ORIGINAL POST
    I'm using program(AirVPN Eddie) and its GUI crashes randomly and to get it back I need to kill program and restart it.
    To make it easier I made a script to do that. But script needs me to enter password twice. Once for sudo pkill... and once for app to start. So to get rid of
    passwords I added this to visudo file.
    Code:
     me    ALL=(root) NOPASSWD: /home/me/bin/restartEddie.bash

    and this to .bashrc file
    Code:
    alias restartEddie.bash='sudo ~/bin/restartEddie.bash'
    This works so now I only need to type 'restartEddie.bash' like normally and it does it stuff without passwords.

    So my actual question is: What is correct way to do this kind of thing? My way feels kind of weird with the adding alias part.

    Also opinion about this would be helpful: For now I made Eddie still start as me as an user(with 'su me -c eddie-ui', which needs password) because I've no idea is it good to start app as root user just to get rid of entering password. So is it something I should not do?(Just for this program)
    Last edited by keikari; 2nd July 2018 at 01:21 PM.

  2. #2
    Join Date
    Oct 2010
    Location
    Canberra
    Posts
    2,973
    Linux Firefox 52.0

    Re: [Question]Correct way to run script(which has sudo commands) without password?

    My immediate reaction is that restartEddie.bash could be edited so as to perform any action and would run as the root user.

    I would start by moving the script to /usr/local/bin so that it cannot be edited without root permission.

    One approach I have used is to write a small C program that performs only the required actions (in your case killing a process and restarting an application). This program is then installed with set uid root. You can further limit it by having it check the group of the user running it.

    User error. Please replace user and try again

  3. #3
    Join Date
    Apr 2018
    Location
    Finland
    Posts
    97
    Linux (Fedora) Chrome 67.0.3396.79

    Re: [Question]Correct way to run script(which has sudo commands) without password?

    Quote Originally Posted by ocratato
    My immediate reaction is that restartEddie.bash could be edited so as to perform any action and would run as the root user.

    I would start by moving the script to /usr/local/bin so that it cannot be edited without root permission.
    Thanks, this actually makes it feel logical. (Also my problem was partly because I didn't realize that '/home/me/bin' folder isn't in sudo command/root user's PATH. 'sudo restartEddie.bash' didn't worked which made me create that alias. I'm new to this stuff and don't fully understand even all the most basic things.)

  4. #4
    Join Date
    Jun 2005
    Location
    Montreal, Que, Canada
    Posts
    5,308
    Linux (Fedora) Firefox 61.0

    Re: [Question]Correct way to run script(which has sudo commands) without password?

    One way that is frowned upon is as root, to run visudo
    Look for the line with NOPASS and remove the comment # in column 1
    Thereafter admin does not need a password.

    If you want only certain commands allowed for a non admin user, you could insert them into the visudo edited file.

    do man visudo to setup nopassword for your requirements
    Leslie in Montreal

    Interesting web sites list
    http://forums.fedoraforum.org/showth...40#post1697840

  5. #5
    Join Date
    Apr 2018
    Location
    Finland
    Posts
    97
    Linux (Fedora) Chrome 67.0.3396.79

    Re: [Question]Correct way to run script(which has sudo commands) without password?

    Quote Originally Posted by lsatenstein
    One way that is frowned upon is as root, to run visudo
    Look for the line with NOPASS and remove the comment # in column 1
    Thereafter admin does not need a password.

    If you want only certain commands allowed for a non admin user, you could insert them into the visudo edited file.

    do man visudo to setup nopassword for your requirements
    Check the first post.
    Also why is editing visudo frowned upon?

  6. #6
    Join Date
    Jun 2005
    Location
    Montreal, Que, Canada
    Posts
    5,308
    Linux (Fedora) Firefox 61.0

    Re: [Question]Correct way to run script(which has sudo commands) without password?

    It is frowned upon if your system is shared. I just use my system with NOPASS and only myself in the "wheel" group.

    The other thought about being frowned upon is that we sometimes do rm -rf something* and if we are doing something at 1am in the morning we could accidently leave a space between something and the * as sudo rm -rf something *

    Yes, it happened to me once, just after I created my backups.
    Leslie in Montreal

    Interesting web sites list
    http://forums.fedoraforum.org/showth...40#post1697840

Similar Threads

  1. Replies: 19
    Last Post: 24th March 2015, 09:00 PM
  2. How I can run root commands without using sudo ?
    By leandrosrds in forum Using Fedora
    Replies: 9
    Last Post: 6th June 2013, 04:57 AM
  3. Sudo limited commands
    By casket88 in forum Security and Privacy
    Replies: 2
    Last Post: 23rd October 2007, 03:32 AM
  4. Can't use sudo commands
    By kbsuperstar in forum Using Fedora
    Replies: 2
    Last Post: 11th February 2007, 09:32 PM
  5. Replies: 3
    Last Post: 28th October 2005, 02:10 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •