EvilZone
Programming and Scripting => Scripting Languages => : lucid February 01, 2013, 07:57:56 PM
-
Sup pals. I had a quick bash question about permissions. I wrote a wifi connect script because I scrapped networkmanager for a manual connection, but I didn't really want to have to enter all the commands at startup. It executes just fine but it asks for a password before it executes, which I don' t like. Now, I've added commands to the sudoers file before but for some reason it doesn't seem to want to work with custom scripts. Here's what I made:
#! /bin/bash
# Bring up the WiFi interface
sudo ip link set wlan0 up
# Tell wpa_supplicant to use WEXT and associate with SSID
sudo wpa_supplicant -B -Dwext -i wlan0 -c /etc/wpa_supplicant.conf
sleep 5
# Get an IP
sudo dhcpcd wlan0
# Verify
ip addr show wlan
What can I do so that it doesn't ask me for a password? I've googled but nothing seems to fit my particular needs. Thanks.
-
Hey lucid,
Whatsup ?
Either add yourself to the wheel group ; https://wiki.archlinux.org/index.php/Users_and_Groups
Or do as I did;
UsErnAme ALL=(ALL) NOPASSWD: ALL
This way you need to use sudo however it will never ask for password.
Really convinient.
Not really secure though.
Or a totally different approach would be to make sure its executed at boot time on a differnt runlevel.
See: https://wiki.archlinux.org/index.php/Initscripts/runlevels
Let me know if it worked out.
Greetings Proxx.
-
I do not have particular idea of this but what you could possibly do is append the line below:
%sudo ALL=NOPASSWD: ALL
which would then not ask password from all the users who can sudo. Or, you could do that per user:
user_name ALL=(ALL)NOPASSWD: ALL
Just be sure to use visudo to do so as I'm not entirely sure about the syntax.
Alternatively, you could save your script somewhere and try doing this, this is file-specific so might suit you better:
user_name ALL=(ALL) NOPASSWD: /home/username/wifi_script
Make sure you use the sudo visudo command to edit the /etc/sudoers because I am not 100% sure about the syntax I've just written & I'm too lazy to test them :P
-
Unfortunately I've already done this in /etc/sudoers. The first thing it does is ask for a passwd when I execute the script still :/. I'll do some more tweaking but I'd rather not have sudo never ask for a passwd.
Also proxx that link you gave me only works with initscripts. I've switched to systemd. Thanks for the quick replies though.
-
Are you editing with visudo ??
Also logout and login.
-
Try putting
USER_NAME HOST_NAME= NOPWASSWD:
in your sudoers file and anything after the colon put whatever commands you don't want to ask for a password
-
Wait, how come even if I do EDITOR=nano sudo visudo it still seems to be editing with vi?
-
Most probably the culprit is VISUAL as EDITOR environment variable is only checked if VISUAL is not set. Check if VISAUL is set or not (echo $VISUAL).
-
Wait, how come even if I do EDITOR=nano sudo visudo it still seems to be editing with vi?
You have to change your environment variables
# VISUAL="/usr/bin/nano -p -X" visudo
or you can do it system wide by doing
export VISUAL="/usr/bin/nano -p -X"
-
You have to change your environment variables
# VISUAL="/usr/bin/nano -p -X" visudo
or you can do it system wide by doing
export VISUAL="/usr/bin/nano -p -X"
Didn't work. visudo is still editing /etc/sudoers with vi. Fucking hate vi. Maybe I did it wrong? This is annoying I just want to edit the fucking sudoers file.
-
Didn't work. visudo is still editing /etc/sudoers with vi. Fucking hate vi. Maybe I did it wrong?
This is annoying I just want to edit the fucking sudoers file.
I did VISUAL="/usr/bin/nano -p -X" visudo -f /etc/sudoers as root and it worked fine for me
-
I did that and it still edits with vi. I did echo $VISUAL and I get and empty value returned to me. Even after I set it to nano.
I never had a problem with this when I first installed Arch.
-
I did that and it still edits with vi. I did echo $VISUAL and I get and empty value returned to me. Even after I set it to nano.
I get an empty value too
Did you try appending
export VISUAL="usr/bin/nano -p -X" to your .bashrc file?
-
Yes. Wow. Holy fucking shit. None of this stuff is working.
-
Once try: EDITOR=/usr/bin/nano visudo
Well one possibility is that your sudoers file has the entry like below:
Defaults editor="/usr/bin/vim -p -X", !env_editor
Which will not allow you to use editor of your choice so either remove the line or change the vim to nano.
-
Eh, I just said fuckit and used proxx's approach of user ALL=(ALL) NOPASSWD: ALL.
Thanks for the help guys.
-
Haha +1 for me.
Its strange I have been trying different things before I got it to work.
I wish I knew why, or at least where to look.
Well as long as it works.
-
============
EDIT :: You already got a fix I see
============
Either run
sudo visudo and add
your_username ALL= NOPASSWD: path_to_script
or setup systemd service files to start up and configure the interface at boot. Here's an example regarding static ethernet configuration.
https://wiki.archlinux.org/index.php/Systemd/Services#Static_Ethernet_network (https://wiki.archlinux.org/index.php/Systemd/Services#Static_Ethernet_network)
The EnvironmentFile is the text file that contains your network parameters and is sourced in the service file. In the example, ${interface}, ${address} all are defined in the environment file. It can be anywhere in any name.
You could probably use something like:
[Unit]
Description=Network Connectivity
Wants=network.target
Before=network.target
[Service]
Type=oneshot
RemainAfterExit=yes
EnvironmentFile=/etc/conf.d/wrless_conf_file
ExecStart=/sbin/ip link set dev ${interface} up
ExecStart=wpa_supplicant -B -Dwext -i wlan0 -c ${wpa_conf}
ExecStop=/sbin/ip addr flush dev ${interface}
ExecStop=/sbin/ip link set dev ${interface} down
[Install]
WantedBy=multi-user.target
With a /etc/conf.d/wrless_conf_file like
interface=wlan0
wpa_conf=/etc/wpa_supplicant.conf
I use the same method to start up my eth0 network. Other than these, you can try netcfg.
-
Try this, works for me.
#!/usr/bin/python2
import os
command = "pacman -Syu"
sudo_pass = "lulz"
os.system('echo %s|sudo -S %s' % (sudo_pass, command)
I have seen other ways using popen with writing to the pipe, but the code provided should work okay.
The shebang might need to be modified cause I'm using python2.7.X on Arch and I imagine you are too. If you insist on python3 you'll need to intall it and use #!/usr/bin/python instead.
Also, found via:
http://stackoverflow.com/questions/13045593/using-sudo-with-python-script (http://stackoverflow.com/questions/13045593/using-sudo-with-python-script)
With search term (google):
sudo inside python script
;D
------EDIT------
Also works with popen if you need something returned.
import os
command = "hddtemp /dev/sda | cut -c24-25"
sudo_pass = "lulz"
x = os.popen("echo %s | sudo -S %s" % (sudo_pass, command))
x = x.read()
print "*" * 15
print x.strip()
strip() is needed. Just used this on a conky and pythons print returned some format chars or something. strip() fixed it.
But there is a safer way:
http://askubuntu.com/questions/155791/how-do-i-sudo-a-command-in-a-script-without-being-asked-for-a-password (http://askubuntu.com/questions/155791/how-do-i-sudo-a-command-in-a-script-without-being-asked-for-a-password)
-
Haha yeah and storing your userpassword in the clear ;)
-
Haha yeah and storing your userpassword in the clear ;)
Because you locale machine has been rooted eh?
Despite the clear text, I don't see another way without making the ENTIRE user root, and if the afformentioned user was hacked, I really don't see a diff since they are running on root anyway.
You 'could' obfusicate the script making it a bit better, but really, with mentiond methods, I would rather do to the script then having the entire user in root.