-   Linux - Security (
-   -   Add NOPASSWD in /etc/sudoers to only some specific commands (

Turbocapitalist 06-11-2017 01:39 AM

I've moved around some of your reply to make it easier to answer.


Originally Posted by xpdin (Post 5721386)
Thank you very much to all for your replies.
Can someone say please, are there any disadvantages or advantages between the next method and the methods from the above posts?


sudo su

If you want a login shell for root, try sudo -i instead.


Originally Posted by xpdin (Post 5721386)

and write the beyond lines in it:


command in here without sudo
# the end of the scriptname


chown root:root /etc/sudoers.d/scriptname
chown root:root /usr/local/bin/scriptname
chmod 0700 /usr/local/bin/scriptname
chmod 0440 /etc/sudoers.d/scriptname

Yes, that looks good, depending on the details of the command. You have the script out of the way where only root can change it.

Instead of changing both configuration files, I'd put the following in /etc/sudoers.d/scriptname and leave /etc/sudoers alone.


username ALL=(ALL:ALL) NOPASSWD: /usr/local/bin/scriptname

All times are GMT -5. The time now is 02:49 AM.