Using sudo in scripts
gcall at starcalif.com
Wed Aug 7 18:34:25 EDT 2002
Ding..ding...ding! The light in my head finally turned on. It is very
clear now, after all of your explanations...
Thank you all for your help!
On Wed, 2002-08-07 at 14:18, Brent Fortman wrote:
> The way you are running it, it appears to be working correctly. Restated,
> "sudo test.mnu" will execute the entire script as root. This means, clear,
> echo, ls, ps, mount, and everything in that script file will run as root and
> therefore does not need to be defined in the sudoers file. The only sudoers
> definition you need is:
> gcall ALL=/home/gcall/test.mnu
> If you were to attempt to run each command separately, from the command line
> (as root), you would then have to define each command in the sudoers file.
> If you want to allow and deny certain users privilege to run say
> "/bin/mount" from the menu system. Let the users execute test.mnu from
> their own userid (not using sudo) and then use sudo on each command inside
> the script (as you mentioned doing earlier).
> -----Original Message-----
> From: Gary Call [mailto:gcall at starcalif.com]
> Sent: Wednesday, August 07, 2002 3:38 PM
> To: Brent Fortman
> Cc: 'sudo-users at sudo.ws'
> Subject: RE: Using sudo in scripts
> Okay, maybe I'm an idiot and not doing something correctly, because it
> doesn't seem to work for me :)
> Here is a sample menu script (just for testing)...
> echo "---------- TEST Menu ----------"
> echo "1. Run \"ls\""
> echo "2. Run \"ps\""
> echo "3. Run \"mount\""
> echo "Choice: " ; read choice
> case $choice in
> 1) ls;;
> 2) /bin/ps;;
> 3) /bin/mount;;
> Here is a sample of my sudoers file:
> gcall ALL=/home/gcall/test.mnu,/bin/mount
> I execute sudo /home/gcall/test.mnu as user "gcall". Once in this menu,
> all 3 commands will run without going through sudo. I *thought* that I
> would be denied ls and ps, but permitted to run mount.
> If I prefix all of the commands with sudo in the script, it then works.
> Am I doing something wrong, or am I assuming incorrectly that all
> commands in this script would be prefixed with sudo automatically?
> I was hoping to wrap EVERYTHING in the script to use sudo, if I invoked
> the script using sudo ---- make sense??
> Thanks for all your input!
> On Wed, 2002-08-07 at 11:01, Brent Fortman wrote:
> > No, you do not have to pre-fix every command with sudo. Sudo <myscript>
> > will execute all commands in <myscript> as root.
> > Brent
> > -----Original Message-----
> > From: Gary Call [mailto:gcall at starcalif.com]
> > Sent: Wednesday, August 07, 2002 11:38 AM
> > To: sudo-users at sudo.ws
> > Subject: Using sudo in scripts
> > This may sound like a basic question, but I have not been able to find
> > an answer anywhere.
> > Here is my scenario:
> > I need to give "userA" sudo access to a menu driven script. The menu
> > driven script will execute other system commands (i.e. cpio, tar, mt).
> > Question:
> > If the user executes the script (using sudo), will all of the other
> > commands (cpio, tar, mt....) be executed with sudo prefixed, or will I
> > need to prefix every command with sudo into the script?
> > Any help or guidance is greatly appreciated!
> > Thanks,
> > Gary
> > ____________________________________________________________
> > sudo-users mailing list <sudo-users at sudo.ws>
> > For list information, options, or to unsubscribe, visit:
> > http://www.sudo.ws/mailman/listinfo/sudo-users
More information about the sudo-users