You are not logged in.
- Topics: Active | Unanswered
#1 2015-09-20 12:55:56
- sweetthdevil
- Member
- Registered: 2009-10-20
- Posts: 417
Bash script containing sudo and sudoers config
Hi,
I have a basch script mounting my Network Hard Drive, executing by a .desktop so I just have to click on the icon (see .desktop .sh below)
I used to be able to execute as it is - but my computer past away so I am currently busy to re-install it all and cannot figure out why it's not working.
Many thanks,
.sh
#!/bin/bash
if [ $(mount | grep -c /mnt/share) != 1 ]
then
sudo -u sweetth sudo mount /mnt/share && sudo -u sweetth nautilus /mnt/share/
else
sudo -u sweetth nautilus /mnt/share/
fi
exit.desktop
#!/usr/bin/env xdg-open
[Desktop Entry]
Name=GoFlex
GenericName=GoFlex
Comment=GoFlex
Exec=sudo /home/sweetth/Documents/Scripts/goflex.sh
Icon=/home/sweetth/.local/share/applications/nas.png
Terminal=false
Type=Application
Categories=Network
Name[en_US]=GoFlexsudoers
sweetth ALL=(ALL) NOPASSWD: /home/Documents/Script/goflex.shOffline
#2 2015-09-20 12:58:31
- Trilby
- Inspector Parrot
- Registered: 2011-11-29
- Posts: 29,563
- Website
Re: Bash script containing sudo and sudoers config
/home/sweetth/Documents/Scripts/goflex.sh !- /home/Documents/Script/goflex.sh
mod note: not a sys admin issue, moving to N.C.
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
#3 2015-09-21 07:48:31
- sweetthdevil
- Member
- Registered: 2009-10-20
- Posts: 417
Re: Bash script containing sudo and sudoers config
Many thanks for the reply - (feeling really silly!)
But that still doesn't works, it's still asking for the password.
Thanks,
Offline
#4 2015-09-21 08:04:27
- Chazza
- Wiki Maintainer
- Registered: 2013-06-02
- Posts: 506
Re: Bash script containing sudo and sudoers config
Maybe mount and nautilus also need to be specified as NOPASSWD?
Offline
#5 2015-09-21 08:34:57
- WorMzy
- Forum Moderator
- From: Scotland
- Registered: 2010-06-16
- Posts: 11,901
- Website
Re: Bash script containing sudo and sudoers config
What is the point of "sudo -u sweetth sudo mount /mnt/share"?
Why not just "mount /mnt/share"?
Sakura:-
Mobo: MSI MAG X570S TORPEDO MAX // Processor: AMD Ryzen 9 5950X @4.9GHz // GFX: AMD Radeon RX 5700 XT // RAM: 32GB (4x 8GB) Corsair DDR4 (@ 3000MHz) // Storage: 1x 3TB HDD, 6x 1TB SSD, 2x 120GB SSD, 1x 275GB M2 SSD
Making lemonade from lemons since 2015.
Offline
#6 2015-09-21 09:32:54
- Raynman
- Member
- Registered: 2011-10-22
- Posts: 1,539
Re: Bash script containing sudo and sudoers config
Why not just `sudo mount /mnt/share` in the script (and allow that specific command with NOPASSWD) and remove all the other sudo invocations?
Offline
#7 2015-09-21 10:51:09
- Trilby
- Inspector Parrot
- Registered: 2011-11-29
- Posts: 29,563
- Website
Re: Bash script containing sudo and sudoers config
Ah, yes, I didn't see all the many sudos in the script. The sudo mount is the one that is failing, I suspect as that is not listed in your sudoers file - but it wouldn't need to be iif you didn't first drop root then try to get it back in that line.
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
#8 2015-09-21 13:53:53
- respiranto
- Member
- Registered: 2015-05-15
- Posts: 479
- Website
Re: Bash script containing sudo and sudoers config
You can also completely avoid using root by adding the 'user' or 'users' option to the probably already existing corresponding line in your fstab. (`mount /mountpoint' should not work elsewise.)
If you do not want any other user to be able to mount the device, you could also use the 'group' option and add yourself to the 'disk' group, which has rw permissions on /dev/sd* and similar.
See also mount(8).
Edit: Instead of parsing mount's output you could also let grep directly operate on the content of /proc/mounts:
grep -q '^[^ ]* /mountpoint ' /proc/mountsLast edited by respiranto (2015-09-21 14:20:31)
Offline
#9 2015-09-21 17:42:56
- sweetthdevil
- Member
- Registered: 2009-10-20
- Posts: 417
Re: Bash script containing sudo and sudoers config
many thanks to all!!!
I added my user to the disk group and add the user on fstab - all good now many thanks.
Offline
#10 2015-09-21 18:12:15
- respiranto
- Member
- Registered: 2015-05-15
- Posts: 479
- Website
Re: Bash script containing sudo and sudoers config
Adding your user to the disk group is only necessary if you want to use the group option instead of the user(s) option.
Be aware that anybody with only temporary access to your user has now the ability to permanently destroy your system by writing directly to your harddrive.
Apart from that, you now can remove all the sudo's in your script.
Edit: clarification to avoid misunderstanding
Last edited by respiranto (2015-09-21 18:13:27)
Offline
#11 2015-09-21 18:15:25
- sweetthdevil
- Member
- Registered: 2009-10-20
- Posts: 417
Re: Bash script containing sudo and sudoers config
Thank you for the reply.
# Adding my user to the group disk didn't allow me to mount the drive. Adding 'user' to the fstab line worked.
And yes all sudo have been removed.
Offline
#12 2015-09-21 18:20:41
- respiranto
- Member
- Registered: 2015-05-15
- Posts: 479
- Website
Re: Bash script containing sudo and sudoers config
Just wanted to make sure, you don't leave this possible security hole, though it's not necessary.
Adding your user to the group disk does only make sense here if you also specify the 'group' option in your fstab. Else it has no effect on mounting abilities.
And it will only work after re-login, by the way,
Offline