run script as root without password

by jibtga   Last Updated November 10, 2017 20:02 PM

I want to run a script without prompt for password. I edited /etc/sudoers file and I wrote several lines behind last one. This is my file:

Defaults    env_reset

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

#includedir /etc/sudoers.d

jose ALL= NOPASSWD: /sbin/shutdown -h now
jose ALL= NOPASSWD: /sbin/shutdown -r now
jose ALL= NOPASSWD: /home/jose/

The script code (it works fine with password) is:


echo "Empezando sincronizar....."

ping -c 1 -t 1 > /dev/null 2> /dev/null # ping and discard output

if [ $? -eq 0 ]; then # check the exit code
echo "${ip} is up" # display the output
sudo mount -t smbfs // /home/jose/pc1
rsync -r -u -verbose /home/jose/pc1/movies/ /home/jose/Movies/
rsync -r -u -verbose /home/jose/pc1/series/ /home/jose/TV?Shows/
sudo umount /home/jose/pc1

# you could send this to a log file by using the >>pinglog.txt redirect
echo "${ip} is down"

echo "Fin sincronizacion"

I can shutdown and reboot without type password but when I try to run the last line, the script prompt for password. I replace the script path for "ALL" and I can run root comands without password but I can't run the mount / umount command and the script.

User belongs....

jose : jose adm dialout cdrom floppy audio video plugdev users lpadmin sambashare admin

Any help? Thanks in advance.

Tags : mount sudo

Answers 2

In /etc/sudoers (please use visudo to edit) add:

jose ALL= NOPASSWD: /bin/mount
jose ALL= NOPASSWD: /bin/umount
June 13, 2012 08:34 AM

The fix

  1. In /etc/sudoers make sure the line is still there says:

    jose ALL= NOPASSWD: /home/jose/

    Do NOT delete that line!

  2. Optional: In your script, remove the sudos in front of every command using for exapmle:

    sed -i 's/^\(\s*\)sudo\s*/\1/g' /home/jose/

    This is not necessary but proofs a point. You can leave the files as it is, if you want to be able to execute it as regular user, without sudo /home/jose/, and then be asked for a password.

  3. Run your script with:

    sudo /home/jose/

    sudo will not prompt you for a password. It is important to have the sudo in front of your call to the script.

Also for security reasons run the following commands on your script:

sudo chown root:root /home/jose/
sudo chmod o-rwx /home/jose/

This way no one can edit your script without the root password. This important because else everyone that sits on your computer as a free and password-less method to execute commands as root.

The problem

The problem with the way you did it is, that you give permissions to run the script with root privileges but don't actually run it as root using sudo.

The only thing you run as root are the two commands that have "sudo" in front of them (which are of course umount /home/jose/pc1 and mount -t smbfs // /home/jose/pc1). But those two mount commands do NOT have root permissions (and should NOT despite pl1nk describing how you'd give them root permission in his answer), as they are not listed in /etc/sudoers to have NOPASSWD fot the user jose.

August 27, 2012 10:32 AM

Related Questions

How to avoid sudo?

Updated February 22, 2018 17:02 PM

Create a desktop shortcut for a terminal comand

Updated February 27, 2017 20:02 PM