[PLUG] Allow User to Run Shell Script As root
Tim
tim-pdxlug at sentinelchicken.org
Mon Mar 19 16:26:15 UTC 2012
On Sun, Mar 18, 2012 at 11:42:42AM -0700, Rich Shepard wrote:
> I'm far from competent with /etc/sudoers syntax.
>
> I have a simple, one-line script in /home/<user>/shell-scripts/homenet.sh
> that I want to have run with root privileges (because it copies
> /etc/resolv.conf.home to /etc/resolv.conf).
>
> With this line in /etc/sudoers
>
> %users = ALL=(root) NOPASSWD /home/<user>/shell-scripts/homenet.sh
>
> the command, 'shell-scripts/homenet.sh', tells me permission is denied to
> create the file. With no entry in /etc/sudoers but running the comand
> following 'sudo ' I'm told that the user is not allowed to execute the
> script as root on that host.
>
> Please educate me in the proper syntax for /etc/sudoers so a user can run
> a shell script as root.
I recommend you move your homenet.sh script out of the user's home
directory. After all, that would probably allow them to modify the
contents of the script, which defeats the whole purpose of restricted
root privileges. It is also possible that sudo has a problem with
this and is trying to prevent you from configuring something
dangerously. Try putting the script in /usr/local/sbin instead.
As for debugging your sudo config, have you looked at your system
logs to see if sudo is complaining about anything? Are you using
visudo to edit the file? I think it's best to use that instead of
editing it directly.
tim
More information about the PLUG
mailing list