Shell scripting question(permissions)

Jerkstore · 12-19-2005, 08:31 PM

I have a simple script written to connect to my mosre common wireless access points, and it uses ifconfig and iwconfig....is there a way to set permissions on this to run as root always without having to su and enter a password??

so if I run it as a normal user then it will still turn on my wireless card and activate the connection as root/super user?

ilikejam · 12-19-2005, 08:58 PM

Hi.

In short, no. Linux doesn't allow setuid scripts.

What you could do is make the iwconfig and ifconfig binaries setuid with: (as root)

Code:

chmod +s /sbin/iwconfig /sbin/ifconfig

It's a bit of a a security risk, but if it's just you on the system, then I'd think it's probably OK.

Dave

denver1980 · 12-20-2005, 05:14 AM

Less risky in case of security breach would be to copie the two binaries to another name less significant name and chmod them

bigearsbilly · 12-20-2005, 06:08 AM

you could specify it in your sudoers file.

Quote:

By default, sudo requires that a user authenticate him or herself before running a command. This behavior can be modified via the NOPASSWD tag. Like a Runas_Spec, the NOPASSWD tag sets a default for the commands that follow it in the Cmnd_Spec_List. Conversely, the PASSWD tag can be used to reverse things. For example:

ray rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm

would allow the user ray to run /bin/kill, /bin/ls, and /usr/bin/lprm as root on the machine rushmore as root without authenticating himself. If we only want ray to be able to run /bin/kill without a password the entry would be:

ray rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm

Jerkstore · 12-20-2005, 11:59 PM

and where would I find this sudoers file?

denver1980 · 12-21-2005, 12:38 AM

in /etc/sudoers.
If you are not familiar with the syntax, use /usr/sbin/visudo to modify it ... il will help you a bit