How To Run Explicit Instructions With out Sudo Password In Linux


Get real time updates directly on you device, subscribe now.

I had a script on my Ubuntu system deployed on AWS. The first objective of this script is to verify if a particular service is working at common interval (each one minute to be exact) and begin that service robotically whether it is stopped for any purpose. However the issue is I would like sudo privileges to start out the service. As you might know already, we must always present password after we run one thing as sudo consumer. However I don’t wish to try this. What I really wish to do is to run the service as sudo with out password. Should you’re ever in a scenario like this, I do know a small work round, In the present day, on this temporary information, I’ll train you the right way to run specific instructions with out sudo password in Unix-like working methods.

Take a look on the following instance.

$ sudo mkdir /ostechnix
[sudo] password for sk:

sudo password 1

As you may see within the above screenshot, I would like to supply sudo password when making a listing named ostechnix in root (/) folder. At any time when we attempt to execute a command with sudo privileges, we should enter the password. Nonetheless, in my state of affairs, I don’t wish to present the sudo password. Here’s what I did to run a sudo command with out password on my Linux field.

Run Explicit Instructions With out Sudo Password In Linux

For any causes, if you wish to enable a consumer to run a specific command with out giving the sudo password, that you must add that command in sudoers file.

I would like the consumer named sk to execute mkdir command with out giving the sudo password. Allow us to see the right way to do it.

Edit sudoers file:

$ sudo visudo

Add the next line on the finish of file.

sk ALL=NOPASSWD:/bin/mkdir

sudo password 7

Right here, sk is the username. As per the above line, the consumer sk can run ‘mkdir’ command from any terminal, with out sudo password.

You may add extra instructions (for instance chmod) with comma-separated values as proven beneath.

sk ALL=NOPASSWD:/bin/mkdir,/bin/chmod

Save and shut the file. Log off (or reboot) your system. Now, log in as regular consumer ‘sk’ and attempt to run these instructions with sudo and see what occurs.

$ sudo mkdir /dir1

sudo password 6

See? Despite the fact that I ran ‘mkdir’ command with sudo privileges, there was no password immediate. Any more, the consumer sk want to not enter the sudo password whereas working ‘mkdir’ command.

When working all different instructions besides these instructions added in sudoers recordsdata, you can be prompted to enter the sudo password.

Allow us to run one other command with sudo.

$ sudo apt replace

sudo password 4

See? This command prompts me to enter the sudo password.

Should you don’t need this command to immediate you to ask sudo password, edit sudoers file:

$ sudo visudo

Add the ‘apt’ command in visudo file like beneath:

sk ALL=NOPASSWD: /bin/mkdir,/usr/bin/apt

Did you discover that the apt binary executable file path is totally different from mkdir? Sure, you have to present the right executable file path. To seek out executable file path of any command, for instance ‘apt’, use ‘whereis’ command like beneath.

$ whereis apt
apt: /usr/bin/apt /usr/lib/apt /and so forth/apt /usr/share/man/man8/apt.eight.gz

As you see, the executable file for apt command is /usr/bin/apt, therefore I added it in sudoers file.

Like I already talked about, you may add any variety of instructions with comma-separated values. Save and shut your sudoers file when you’re finished. Log off and log in once more to your system.

Now, verify in the event you can have the ability to run the command with sudo prefix with out utilizing the password:

$ sudo apt replace

sudo password 5

See? The apt command didn’t ask me the password although I ran it with sudo.

Right here is yet one more instance. If you wish to run a particular service, for instance apache2, add it as proven beneath.

sk ALL=NOPASSWD:/bin/mkdir,/usr/bin/apt,/bin systemctl restart apache2

Now, the consumer can run ‘sudo systemctl restart apache2’ command with out sudo password.

Can I re-authenticate to a specific command within the above case? In fact, sure! Simply take away the added command. Log off and log in again.

Alternatively, you may add ‘PASSWD:’ directive in-front of the command. Take a look at the next instance.

Add/modify the next line as proven beneath.

sk ALL=NOPASSWD:/bin/mkdir,/bin/chmod,PASSWD:/usr/bin/apt

On this case, the consumer sk can run ‘mkdir’ and ‘chmod’ instructions with out getting into the sudo password. Nonetheless, he should present sudo password when working ‘apt’ command.

Disclaimer: That is for educational-purpose solely. You need to be very cautious whereas making use of this technique. This technique may be each productive and harmful. Say for instance, in the event you enable customers to execute ‘rm’ command with out sudo password, they might by accident or deliberately delete vital stuffs. You’ve been warned!

Recommended learn:

And, that’s all for now. Hope this was helpful. Extra good stuffs to come back. Keep tuned!


Thanks for stopping by!

Assist us that will help you:

Have a Good day!!

Source link

Leave A Reply

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More