Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
10-09-2009, 01:33 PM
|
#1
|
|
LQ Newbie
Registered: Aug 2009
Posts: 22
Rep: 
|
Help with sudoers
I have to execute a script that calls a second script for some report data. The second script can only be executed by root in root's environment. So I need to be able to run 'sudo second_script.sh' as root without being asked for a password. How can I set that up?
|
|
|
|
|
10-09-2009, 01:38 PM
|
#2
|
|
LQ Newbie
Registered: Oct 2009
Distribution: PCLinuxOS
Posts: 3
Rep: 
|
I'm going to assume you're using Ubuntu. Try 'sudo su'. This will permanently make you root so after executing your script make sure you type 'exit' or close the CLI.
|
|
|
|
|
10-09-2009, 01:45 PM
|
#3
|
|
Member
Registered: Jul 2008
Posts: 197
Rep:
|
Hi DrStrangepork,
Usually, running sudo command will ask for password if you are using a normal user. but, if you can tell us the distro you are using then maybe you might get some better replies.
As suggested by Chomp, if you using ubuntu, then you can try 'sudo su' to run your script, and use 'exit' to close the connection for sudo later. I am using RHEL-5 , and every time I use 'sudo' command, I need to provide root password to go ahead.
Cheers,
Kapil.
|
|
|
|
|
10-09-2009, 02:30 PM
|
#4
|
|
LQ Newbie
Registered: Aug 2009
Posts: 22
Original Poster
Rep:
|
Here's some more background. I am running Ubuntu (lenny/sid). Basically, this script has to run as nagios, and nagios must then be able to execute 'sudo second_script.sh" without being prompted for a password. Further, I can't (shouldn't) give nagios any more permissions than the minimum necessary to execute this one command. That is what I am trying to setup. I tried running just 'sudo su' as nagios and was prompted for a password (I didn't think that would work). And the user nagios does not have a password in /etc/passwd, so piping one to 'sudo -S' is not going to work either.
And here is part of my /etc/sudoers (I'm trying as little security as possible and working my way backwards):
# User privilege specification
root ALL=(ALL) ALL
nagios ALL=(ALL) ALL
Even with that configuration, running any command as nagios with 'sudo' requires me to enter a password. Running the same command as root does not prompt me for a password.
Last edited by DrStrangepork; 10-09-2009 at 02:33 PM.
Reason: additional info
|
|
|
|
|
10-09-2009, 02:55 PM
|
#5
|
|
Member
Registered: Mar 2005
Posts: 100
Rep:
|
This is what I use.
# User privilege specification
root ALL=(ALL) ALL
yourname ALL=(ALL) NOPASSWD: ALL
Then you don't even need the password when using sudo on the command line.
BTW I should get a thanks for this one, I have answered this question twice
in the last 5 minutes. 
Last edited by Widgeteye; 10-09-2009 at 02:57 PM.
|
|
|
|
|
10-09-2009, 03:09 PM
|
#6
|
|
LQ Newbie
Registered: Aug 2009
Posts: 22
Original Poster
Rep:
|
I set up that same configuration, and I still get prompted for a password....
I tried:
nagios ALL=(ALL) NOPASSWD: ALL
and
nagios ALL=NOPASSWD: ALL
and both still require a password. There aren't any services that need to be restarted after changing /etc/sudoers right? Just logout as nagios and log back in?
|
|
|
|
|
10-09-2009, 06:35 PM
|
#7
|
|
Member
Registered: Mar 2005
Posts: 100
Rep:
|
OK, you have to edit the file using "visudo" as root.
type visudo sudoers
then make the changes and save. you have to edit with "visudo"
|
|
|
|
|
10-13-2009, 07:32 AM
|
#8
|
|
LQ Veteran
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,756
|
Quote:
|
I'm going to assume you're using Ubuntu. Try 'sudo su'. This will permanently make you root so after executing your script make sure you type 'exit' or close the CLI.
|
Quote:
# User privilege specification
root ALL=(ALL) ALL
yourname ALL=(ALL) NOPASSWD: ALL
Then you don't even need the password when using sudo on the command line.
|
Please note that from a security standpoint, you really don't want to be doing either of these. The whole idea behind sudo is to give root privileges for only those commands necessary for the user to use. My personal opinion is that the *buntus should be flogged for their bastardization of sudo (but that is another rant).
Anyway, the Gentoo documentation may help you figure out the syntax. One thing to note is that the sudoers file enforces the last rule it finds that matches, so if you have a later rule that requires a password, that could force a password here. |
|
|
|
|
10-13-2009, 07:53 AM
|
#9
|
|
Senior Member
Registered: May 2009
Location: london
Distribution: centos5
Posts: 1,137
Rep:
|
Quote:
Originally Posted by DrStrangepork
I set up that same configuration, and I still get prompted for a password....
I tried:
nagios ALL=(ALL) NOPASSWD: ALL
and
nagios ALL=NOPASSWD: ALL
and both still require a password. There aren't any services that need to be restarted after changing /etc/sudoers right? Just logout as nagios and log back in?
|
have a command alias set up, and then user priv set up.
Code:
# Cmnd alias specification
Cmnd_Alias BIN = /usr/local/bin
# User privilege specification
nagios ALL=BIN, NOPASSWD: BIN
|
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 11:07 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
