1

How to `sudo` shell scripts with NOPASSWD in authorized_keys?

view story
linux-howto

http://unix.stackexchange.com – I visudoed sudoers to allow a user to run one bash script with a passwordless sudo, which works fine when logged in (also via SSH). However, when I log in via SSH using public key authentication and configure authorized_keys' command="sudo myScript", I am promped for the user password by sudo. Having the script itself use sudo on another program does however work without requiring a password. What's the problem here and how can I solve it? Here's the uncommented parts of sudoers: Cmnd_Alias DMCRYPT = /opt/bin/dm.mount, /opt/bin/dm.umount root ALL=(ALL) ALL crypter ALL=(root) NOPASSWD: DMCRY (HowTos)

missing's picture
Submitted by missing on 10/17/2012

Stories similar to How to `sudo` shell scripts with NOPASSWD in authorized_keys?

I've set up sudo not to prompt for password by editing the sudoers file:

myuser ALL=(ALL:ALL) NOPASSWD: ALL

And it works fine, running sudo with no password prompting. But when entering sudo -v I noticed that it prompted for password, only once.

When I create new Ubuntu 12.10 instances, I typically bootstrap them by manually SSHing onto the machine and editing the sudoers to put a NOPASSWD on the default user (e.g., ec2-user, azureuser, etc.). Then my install scripts can sudo various commands without having to provide a password.

I don't have anything against passwords.

I have a script run from a non-privaleged users' crontab that invokes some commands using sudo. Except it doesn't. The script runs fine but the sudo'ed commands silently fail.

The script runs perfectly from a shell as the user in question. Sudo does not require a password. The user in question has (root) NOPASSWD: ALL access granted in /etc/sudoers. Cron is running and executing the script.

sudo does not work. I have installed Arch onto a USB key, using BTRFS. The output of "sudo" is:

$ sudo sudo: unable to stat /etc/sudoers: Permission denied sudo: no valid sudoers sources found, quitting sudo: unable to initialize policy plugin

$ ls -l /etc/sudoers -r--r----- 1 root root 2849 May 18 15:00 /etc/sudoers

$ lsattr /etc/sudoers --------------- /etc/sudoers

$ strace -u ross sudo true

sudo+apache 3 years 24 weeks ago

Hello

I add (visudo) to file sudoers: Cmnd_Alias SENDFAX=/usr/local/bin/sendfax * apache ALL=NOPASSWD: SENDFAX

When i use php script with command: sudo sendfax -D -n -d number file > ok.log 2>> not-ok.log

I get

I'm trying to make my sudoers file allow a user to adjust the backlight without having to enter in the password. This is what I have:

# User alias specification Cmnd_Alias ADJBL = /usr/bin/su -c "echo 150 >/sys/class/backlight/intel_backlight/brightness"

# For our user.. ouruser HOME=(root) NOPASSWD:ADJBL

..

Sudo does not work in chroot 22 weeks 5 days ago

I would like to be able to use the sudo command in a chroot environment.

I start the chroot as follows:

chroot /debian-squeeze /bin/bash

Now I'm logged in as root in the chroot. I can do su user to log in as a user named user.

I run ubuntu-12.04 desktop x86_64. I have a simple script that needs to be accessible from the Desktop and run as root:

$ cat ~/Desktop/flash.sh #!/bin/bash -

cd ~/tools sudo ~/tools/fastboot-HW.sh

I've read this and that and that also.

In /usr/local/bin I've the following script called sdown

/usr/local/bin$ cat sdown #!/bin/bash

if [ $# -lt 1 ]; then echo "no time set" else sudo shutdown -h $1 fi

Permssions are 788: -rwxr-xr-- user user sdown

The point is if I run the script it's prompting for the sudo password:

/usr/local/bin$ sdown 13:37 [sudo] password for user:

Just to make my life even better I'd like to avoid