HOWTO run command as root without password??
- Thread starter arri
- Start date
Mikuro
Crotchety UI Nitpicker
You could start it from a process that itself has root privileges. Then the command will inherit them silently. Or in Terminal, you could do something like "sudo bash" to get a root-level command prompt in Terminal. You'd need to enter the password for bash, but any command you enter into bash will automatically be root.
<Insert lecture on the dangers of root access here.>
<Insert lecture on the dangers of root access here.>
How about just "sudo -s" ?
arri
Registered
thanks for you answers, but i should have been a bit more specific..
sudo -s / sudo bash would be answers, but what i really wanted to know, is if there's ways, perhaps using a script, or twiddling with users/groups etc.. so that a non-root user can run a specific command as root..without the password.
for a server at my former work the sys-admin once did something similair by giving me (non-root and not in sudoers), permission to restart darwin-streaming server on a debian server. i guess he added me to a specific group or something..although i still needed to type my password.
i guess there's no easy, probably for a reason ..
i asume the only way would be what Mikuro suggests;
having a process that runs as root (script/deamon) monitor some flag, and execute the command if the flag is true..
sudo -s / sudo bash would be answers, but what i really wanted to know, is if there's ways, perhaps using a script, or twiddling with users/groups etc.. so that a non-root user can run a specific command as root..without the password.
for a server at my former work the sys-admin once did something similair by giving me (non-root and not in sudoers), permission to restart darwin-streaming server on a debian server. i guess he added me to a specific group or something..although i still needed to type my password.
i guess there's no easy, probably for a reason ..
i asume the only way would be what Mikuro suggests;
having a process that runs as root (script/deamon) monitor some flag, and execute the command if the flag is true..
Unix has a concept called suid-bit (it is patented, or at least they search
a patent for it at Bell Labs). This means, that when a program that has
suid bit set is run, owner's privileges are used instead of those of the runner.
This is how sudo works. When you check its attributes, you see something
like
$ ls -ls `which sudo`
120 -rwsr-xr-x 1 root root 120696 2006-11-25 19:40 /usr/bin/sudo
(that is from Linux) Check the third letter. Instead of 'x', it is 's'.
You add the suid-bit with chmod like other attributes, like
chmod 755 the-program
chmod u+s the-program
BUT, normally Unix does not allow suid-scripts, that is scripts that have
suid-bit set. So you need a program, that has suid-bit set and let the
program run the script. There is a generic program that does that, and
it is called sudo...
If you do not like to give password all the time, read sudo's manual
pages, the sudoers file part. Or, make a wrapper program that runs only
the script you are intersted in.
a patent for it at Bell Labs). This means, that when a program that has
suid bit set is run, owner's privileges are used instead of those of the runner.
This is how sudo works. When you check its attributes, you see something
like
$ ls -ls `which sudo`
120 -rwsr-xr-x 1 root root 120696 2006-11-25 19:40 /usr/bin/sudo
(that is from Linux) Check the third letter. Instead of 'x', it is 's'.
You add the suid-bit with chmod like other attributes, like
chmod 755 the-program
chmod u+s the-program
BUT, normally Unix does not allow suid-scripts, that is scripts that have
suid-bit set. So you need a program, that has suid-bit set and let the
program run the script. There is a generic program that does that, and
it is called sudo...
If you do not like to give password all the time, read sudo's manual
pages, the sudoers file part. Or, make a wrapper program that runs only
the script you are intersted in.
