Solved how to run sudo from inside script?

[fred974]

Hi,
I need to run sudo from inside a sh script and I wonder if anyone could explain me how to do that?
Here is my partial code

cat << 'EOF' > /usr/local/etc/hiawatha/bindings.conf
Binding {
        Port = 80
        #Interface = MyIPv4
        MaxKeepAlive = 100
        TimeForRequest = 5,15
        MaxRequestSize = 2000
        MaxUploadSize = 2
}

#Binding {
#        Port = 443
#        Interface = MyIPv4
#        MaxKeepAlive = 100
#        TimeForRequest = 5,15
#        TLScertFile = /etc/ssl/localcerts/blog_example_tld.pem
#        MaxRequestSize = 2000
#        MaxUploadSize = 2
#}

#Binding {
#        Port = 80
#        Interface = MyIPv6
#        MaxKeepAlive = 100
#        TimeForRequest = 5,15
#        MaxRequestSize = 2000
#        MaxUploadSize = 2
#}

#Binding {
#        Port = 443
#        Interface = MyIPv6
#        MaxKeepAlive = 100
#        TimeForRequest = 5,15
#        TLScertFile = /etc/ssl/localcerts/blog_example_tld.pem
#        MaxRequestSize = 2000
#        MaxUploadSize = 2
#}
EOF

Looking at sh(1), I tried to start sudo -c cat... but that didn't work.

 

[SirDice]

You use it the same way as on a command line. I.e. sudo cat {.....}.

 

[NewGuy]

The sudo command usually prompts for a password which makes it a poor command for shell scripting. Usually people work around this in one of three ways:
1. Run the script itself with sudo.
2. Run the script as root.
3. Grant your user rights in the suoders file to run the command you want your script to run without a password.

 

[fred974]

Grant your user rights in the suoders file to run the command you want your script to run without a password.

Do you mean something like

fredadmin ALL=(ALL) NOPASSWD: /???

What do I type for the ???

 

[gkontos]

fredadmin  ALL=(ALL)   NOPASSWD: ALL

 

[fred974]

fredadmin ALL=(ALL) NOPASSWD: ALL

This is how my account is setup at the moment.
but I cannot run the srcript with sudo as it is to install wordpress and I don't want to give root permission to any of these files..
just need to be able to write to /usr/local/hiawatha in sudo

 

[Juha Nurmela]

Check out # su -m pseudouser. You can run a shell with identity nobody or similar, even when the account shell is nologin or similar. Might not help in this case, but...

# su -m uucp -c id
uid=66(uucp) gid=66(uucp) groups=66(uucp)

Juha

 

[ondra_knezour]

See sudoers(5). You may specify who can run what, as who, from where, with or without password etc. Sudo is not abbreviation for run everything as root

 

[Juha Nurmela]

Maybe, in this case, you would want to run the preparation scripts as root. Create the configuration as root, making sure umask is 022 etc, and sellectively chown/chmod only those files/directories which must be updated by the restricted account.

Juha

 

[fred974]

I decided that the best option is to run 2 separate scripts.
Thank you all for your advises