LinuxQuestions.org - Edit sudoers by script

- Programming (https://www.linuxquestions.org/questions/programming-9/)

- - Edit sudoers by script (https://www.linuxquestions.org/questions/programming-9/edit-sudoers-by-script-645094/)

Edit sudoers by script

Is there any way to edit the sudoers file automatically through a script? I tried it with this line but it said "Warning: input is not from the terminal" and quit.

Code:

#!/bin/bash





echo "******" | sudo -S visudo 

echo "$USER ALL= NOPASSWD: /home/$USER/Desktop/scripts/cifs" >> /etc/sudoers

I realize how dangerous this is. I just wanted to try it out.

What about just using cat? I think vi can't be used non-interactively.

What do you mean? Like using cat to place the information into the file itself?

Yes, but it'll have to be a two-step process.

cat "whatever you say" >> /etc/sudoers

That will put the line at the bottom (append) of the sudoers file. Or, you can do a:

cat /etc/sudoers | sed 's/your-user-name/your-user-name\,new-user-name/g' > newsudoers
mv /etc/sudoers old-sudoers
mv /etc/newsudoers /etc/sudoers

You'll have to then do a:

chmod 400 /etc/sudoers.

to make it work. Not sure what the perms need to be, but SUDO is very picky about what permissions are on that file. That's one of the things that VISUDO does, so take a good look at the existing sudoers file, before beginning. If the permissions are wrong, sudo won't work, and you'll have to su to root, and run visudo to fix it.

Please note that this is a very quick and dirty method, and that I wouldn't EVER do what you're trying to do.

I agree it'd be nice to know why you'd want to do this, sounds like a possible security hole if you're not very careful.

Simple precaution is to *not* operate on the original but on a temporary copy of /etc/sudoers, then after you're done run 'visudo -q -c -s -f ' on the copy and let the exit value decide if it will be fine or fscked.