[SOLVED] run script as root without password

jibtga · 06-12-2012, 02:42 PM

I want to run a script without prompt for password.
I edited /etc/sudoers file and I wrote several lines behind last one. This is my file:

#
Defaults env_reset

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL

#includedir /etc/sudoers.d

jose ALL= NOPASSWD: /sbin/shutdown -h now
jose ALL= NOPASSWD: /sbin/shutdown -r now
jose ALL= NOPASSWD: /home/jose/sync.sh

I can shutdown and reboot without type password but when I try to run the last line, the script prompt for password.

The script code (that work fine with password) is:

#!/bin/bash
#Filename: sync.sh

echo "Empezando sincronizar....."

ping -c 1 -t 1 172.18.2.100 > /dev/null 2> /dev/null # ping and discard output

if [ $? -eq 0 ]; then # check the exit code
echo "${ip} is up" # display the output
sudo mount -t smbfs //172.18.2.100/Downloads /home/jose/pc1
rsync -r -u -verbose /home/jose/pc1/movies/ /home/jose/Movies/
rsync -r -u -verbose /home/jose/pc1/series/ /home/jose/TV?Shows/
sudo umount /home/jose/pc1

# you could send this to a log file by using the >>pinglog.txt redirect
else
echo "${ip} is down"
fi

echo "Fin sincronizacion"

I've read a lot of forums but I can't solve the question.

Any help? Thanks.

fogpipe · 06-12-2012, 03:22 PM

What i did to solve a similar problem, was first making sure my user belongs to all the appropriate groups in /etc/group, putting the following in /etc/sudoers

Code:

Defaults:myuser   !requiretty

Substitute your actual username for myuser

and running my script in an xterm with

Code:

xterm -e scriptname

Hope this points you in the right direction.

Also make sure that /home/jose/pc1 appears in /etc/fstab with the "user" flag set.

jibtga · 06-12-2012, 04:18 PM

User belongs....

jose : jose adm dialout cdrom floppy audio video plugdev users lpadmin sambashare admin

I put "Defaults:jose !requiretty" in sudoers and it doesn't work.

Thanks, any idea?

VDP76 · 06-12-2012, 06:33 PM

I guess the point is just that your script includes the sudo command to mount and unmount your remote drive.
I would try to add your samba drive in /etc/fstab with the option users so that non-root user can mount it, this might help.

good luck

p.s.: please, when posting code and/or terminal outputs use the [CODE] tags, it make the thread more readable..

jibtga · 06-14-2012, 05:04 AM

Great, it works, but I am wondering why mount command doestn't work when I add at the end of sudures file:

Quote:

jose ALL= NOPASSWD: ALL

And others commands work without password.

VDP76 · 06-14-2012, 07:24 AM

Glad it worked! So you might want to use the thread tools and mark it as solved.

I guess to have mount working without sudo you need to add specific lines to your sudoers file, check this out.

Anyway, I guess you already know that what you are doing is dangerous for the security of your system, so I won't tell you...

acid_kewpie · 06-14-2012, 07:26 AM

there appears to be NO justification for using sudo here at all. If you want to do that mount as a normal user, just put the entry into /etc/fstab.

Roken · 06-14-2012, 07:46 AM

The way I've always done it, rather than giving the whole script root priveliges, is to use a simple echo statement piped to sudo:

Code:

echo "password" | sudo -S rootcommand

acid_kewpie · 06-14-2012, 08:23 AM

Quote:

Originally Posted by Roken

The way I've always done it, rather than giving the whole script root priveliges, is to use a simple echo statement piped to sudo:

Code:

echo "password" | sudo -S rootcommand

Wow, that's... horrible! why would you want to hardcode a password???

Roken · 06-14-2012, 09:26 AM

Well, for me it's safe. I'm the only user on this system and login is protected anyway. If anyone could get into the system then they already have the password.

I admit it's not a good solution on a multi-user/networked system.

acid_kewpie · 06-14-2012, 09:31 AM

Quote:

Originally Posted by Roken

Well, for me it's safe. I'm the only user on this system and login is protected anyway. If anyone could get into the system then they already have the password.

I admit it's not a good solution on a multi-user/networked system.

just update /etc/sudoers in future, it's no more work at all.