Using sudo in scripts

Brent Fortman Brent.Fortman at radioshack.com
Wed Aug 7 17:18:20 EDT 2002 

The way you are running it, it appears to be working correctly.  Restated,
"sudo test.mnu" will execute the entire script as root.  This means, clear,
echo, ls, ps, mount, and everything in that script file will run as root and
therefore does not need to be defined in the sudoers file.  The only sudoers
definition you need is:
gcall   ALL=/home/gcall/test.mnu
If you were to attempt to run each command separately, from the command line
(as root), you would then have to define each command in the sudoers file.

If you want to allow and deny certain users privilege to run say
"/bin/mount" from the menu system.  Let the users execute test.mnu from
their own userid (not using sudo) and then use sudo on each command inside
the script (as you mentioned doing earlier).
 
Brent

-----Original Message-----
From: Gary Call [mailto:gcall at starcalif.com] 
Sent: Wednesday, August 07, 2002 3:38 PM
To: Brent Fortman
Cc: 'sudo-users at sudo.ws'
Subject: RE: Using sudo in scripts


Okay, maybe I'm an idiot and not doing something correctly, because it
doesn't seem to work for me :)

Here is a sample menu script (just for testing)...
#!/bin/sh
clear

echo "---------- TEST Menu ----------"
echo
echo
echo "1. Run \"ls\""
echo "2. Run \"ps\""
echo "3. Run \"mount\""
echo
echo "Choice: " ; read choice
echo

case $choice in
   1)   ls;;
   2)   /bin/ps;;
   3)   /bin/mount;;
esac

Here is a sample of my sudoers file:
gcall   ALL=/home/gcall/test.mnu,/bin/mount

I execute sudo /home/gcall/test.mnu as user "gcall".  Once in this menu,
all 3 commands will run without going through sudo.  I *thought* that I
would be denied ls and ps, but permitted to run mount.

If I prefix all of the commands with sudo in the script, it then works. 
Am I doing something wrong, or am I assuming incorrectly that all
commands in this script would be prefixed with sudo automatically?

I was hoping to wrap EVERYTHING in the script to use sudo, if I invoked
the script using sudo ---- make sense??

Thanks for all your input!
Gary




On Wed, 2002-08-07 at 11:01, Brent Fortman wrote:
> No, you do not have to pre-fix every command with sudo.  Sudo <myscript>
> will execute all commands in <myscript> as root.
> 
> Brent
> 
> -----Original Message-----
> From: Gary Call [mailto:gcall at starcalif.com] 
> Sent: Wednesday, August 07, 2002 11:38 AM
> To: sudo-users at sudo.ws
> Subject: Using sudo in scripts
> 
> 
> This may sound like a basic question, but I have not been able to find
> an answer anywhere.
> 
> Here is my scenario:
> I need to give "userA" sudo access to a menu driven script.  The menu
> driven script will execute other system commands (i.e. cpio, tar, mt).
> 
> Question:
> If the user executes the script (using sudo), will all of the other
> commands (cpio, tar, mt....) be executed with sudo prefixed, or will I
> need to prefix every command with sudo into the script?
> 
> Any help or guidance is greatly appreciated!
> 
> Thanks,
> Gary
> 
> ____________________________________________________________ 
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users

More information about the sudo-users mailing list