0

I need to execute a command which is needed to run as root.

I read some post about using hard-coded passwords in scripts could be insecure, but actually I don't care because I'm providing root password to users anyway. It's an stripped system and there's only 2 users: client and root, so avoid warning me about security issues, Go ahead and give a quick and dirty solution.

For this bash script I need to get as superuser using su, then "my command", and then logout.

I don't want the terminal prompt to type the password myself, instead read the password that I'm providing somewhere in script and run the command. It's a priority to not prompt any input by user.

Alternatively, maybe I could install sudo, but is there any chance to run a command without any prompt of password (editing sudoers or something)? What about of using expect?

Update: I forgot to say that is also a portable SO, used for USB sticks (maybe later for CDLive too), as you know, in some distros of this kind is provided a root password if users needed. The command mentioned before is a package extensions for some application install, and only root have privilegies to execute such command (I have to say it's not a apt-get install or rpm command, so don't worry about this).

Improve this question
1
  • 1
    You may get a better answer by describing what you need the script to actually do. Bypassing UNIX's access control infrastructure like that is the UNIX equivalent of a GOTO statement: if you're tempted to use one, it usually means it's time to step back from the problem for a bit and see if you can do what you're trying to do more elegantly. Commented Mar 7, 2011 at 3:55

1 Answer 1

Reset to default
1

If you want a command to be runnable with no password, set that specific command as runnable with no password in your /etc/sudoers file (limiting the arguments to only the specific ones you wish to allow, if your use case allows that limitation).

This is as simple as setting the NOPASSWD: flag for the relevant sudoers entry.

If you really, really don't care about security, it could be as simple as this:

%admin ALL=(ALL) NOPASSWD: ALL

(after putting sudo-capable users in the admin UNIX group)

...or, if you did care, you could do something specific:

someuser ALL = NOPASSWD: /usr/local/sbin/my_admin_command

Note that if these commands will be run with no user present, they also may not have a TTY assigned; in such a case, you must be sure that your sudoers file doesn't contain the (oft-present-by-default) line:

Defaults requiretty

...or that the effect of this default is being specifically discarded by the line granting permissions.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.