LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices



Reply
 
Search this Thread
Old 06-26-2012, 02:50 PM   #1
hesisaboury
Member
 
Registered: Dec 2010
Location: iran
Posts: 173

Rep: Reputation: 0
Run command as root


Hello,
i want to allow a user execute some commands as root but i dont want user have root password...
for example a batch script that it's commands require root privilege....

any suggestion..
 
Old 06-26-2012, 03:05 PM   #2
mjmohebbi
LQ Newbie
 
Registered: Jun 2012
Location: Tehran ,Iran
Posts: 7

Rep: Reputation: Disabled
User can run commands, under the /usr/local/bin directory


You must put these commands under this directory. :-)
 
Old 06-26-2012, 03:07 PM   #3
Didier Spaier
Senior Member
 
Registered: Nov 2008
Location: Paris, France
Distribution: Slackware{,64}-{14.1,current} on a Lenovo Thinkpad W520
Posts: 4,678

Rep: Reputation: 1240Reputation: 1240Reputation: 1240Reputation: 1240Reputation: 1240Reputation: 1240Reputation: 1240Reputation: 1240Reputation: 1240
It is exactly the purpose of the 'sudo' command, see 'man sudo'.
 
Old 06-26-2012, 07:34 PM   #4
John VV
Guru
 
Registered: Aug 2005
Posts: 13,522

Rep: Reputation: 1805Reputation: 1805Reputation: 1805Reputation: 1805Reputation: 1805Reputation: 1805Reputation: 1805Reputation: 1805Reputation: 1805Reputation: 1805Reputation: 1805
as Didier Spaier stated use " sudo"

however NOT all Linux operating systems have sudo set up
redhat and that family ( rhel,cent,sl,fedora,clear,...) do NOT have sudo set up
and in some cases not even installed

so depending on just what os you are using , it might need to be installed or at least configured
 
Old 06-27-2012, 12:28 AM   #5
hesisaboury
Member
 
Registered: Dec 2010
Location: iran
Posts: 173

Original Poster
Rep: Reputation: 0
Thank u all,
i used sudo but still want password for running command.

any suggestion..
 
Old 06-27-2012, 12:41 AM   #6
John VV
Guru
 
Registered: Aug 2005
Posts: 13,522

Rep: Reputation: 1805Reputation: 1805Reputation: 1805Reputation: 1805Reputation: 1805Reputation: 1805Reputation: 1805Reputation: 1805Reputation: 1805Reputation: 1805Reputation: 1805
yes the NORMAL users password
as is set up in the sudoers file
but without knowing what os this is
i have no way of knowing if that file is set up or not
 
Old 06-27-2012, 12:56 AM   #7
blue_print
Member
 
Registered: May 2010
Location: In world
Distribution: RHEL, CentOS, Ubuntu
Posts: 275
Blog Entries: 3

Rep: Reputation: 49
If you want a normal user to execute some commands as root without root password, you will need to edit /etc/sudoers file

use visudo command

For example: If the user stest wants to execute '/sbin/fdisk' and '/sbin/parted', they entry will be like this,

Code:
stest           ALL= NOPASSWD: /sbin/fdisk, /sbin/parted
Make sure, you're putting sudo before executing the commands that the users would need to execute.
 
Old 06-27-2012, 07:16 AM   #8
hesisaboury
Member
 
Registered: Dec 2010
Location: iran
Posts: 173

Original Poster
Rep: Reputation: 0
another problem is after adding "stest ALL= NOPASSWD: /sbin/iptables" ,,, the user will have full access to iptables . this is real problem for me.
 
Old 06-27-2012, 07:21 AM   #9
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Main: Gentoo Others: What fits the task
Posts: 15,653
Blog Entries: 2

Rep: Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096
If you don't trust your user enough to give him access to that program then don't give him access to that program. Trust is one of the basic principles of security. In this case you may be have to ask your boss to let a different user make this job.
 
Old 06-27-2012, 01:18 PM   #10
frieza
Senior Member
 
Registered: Feb 2002
Location: harvard, il
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,111

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
frankly allowing ANY command to be run as root without challenging for a password is a horribly bad idea, especially in a workplace environment, you will probably get away with doing that on a home computer, but not so much in an office type environment.

it's not just the integrity of said user that you must be able to trust then, but the integrity of that user's account, as well as the vigilance of said user to not walk away from his computer with a logged in, unlocked session as anyone who gains access to that account can gain access to said commands, and could perhaps exploit vulnerabilities in said program to gain more access.

trust me, you WANT the user to be challenged for a password and anyone who can't be bothered to enter a password to perform administrative tasks shouldn't be doing the job.. period.

though i can see not giving carte blanch access to root, which is as mentioned by previous users what sudo is for.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Run command as root on startup demencia Linux - Newbie 6 05-14-2011 06:28 PM
how to run a command under root as another user? fab76 Linux - General 4 01-11-2010 02:25 AM
Need to run a command, as root, from PHP tibberous Linux - Server 4 07-12-2009 06:47 PM
How to run a root command from script? terry-duell Fedora 2 02-16-2009 04:55 PM
why lftp command run failed when user isn't root, but ok when logining as root steven_yu Linux - Software 0 06-06-2007 09:36 PM


All times are GMT -5. The time now is 11:00 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration