Adding users to sudoers through shell script
You could simply echo
(with elevated privileges, of course) directly to the /etc/sudoers
file:
sudo -i
echo 'nickw444 ALL=(ALL:ALL) ALL' >> /etc/sudoers
# ^^
# tab
(note the tab character between the username and the first ALL
)
Or, for a script:
#!/bin/bash
# Run me with superuser privileges
echo 'nickw444 ALL=(ALL:ALL) ALL' >> /etc/sudoers
Then save to somefile.sh
, chmod a+rx
it, and run sudo ./somefile.sh
from a terminal window.
To add multiple users, change the script to this;
#!/bin/bash
while [[ -n $1 ]]; do
echo "$1 ALL=(ALL:ALL) ALL" >> /etc/sudoers;
shift # shift all parameters;
done
Then, run the script like this (assuming you saved it as addsudousers.sh
):
sudo ./addsudousers.sh bob joe jeff
that is, space-separated.
To read the names from a file:
nickw444@laptop ~ $ sudo ./addsudousers.sh `cat listofusers.txt`
listofusers.txt
should also be space-separated.
Edit: Jappie Kirk rightly points out that you can't directly call sudo echo ... >> /etc/sudoers
because the >>
redirection is handled by the shell, which has by that point dropped the superuser privileges. However, if you run a script that contains echo ... >> /etc/sudoers
and the script itself has superuser privileges, everything should work just fine.
Create sudo users from script?
visudo
honors EDITOR env var which defines the editor program to use.
Thus, you can use sed
as editor, tell sed to read commands from STDIN (-f-
) and pass the changes to the whole visudo/sed pipline via STDIN.
Example:
echo '$ a # comment' | EDITOR="sed -f- -i" visudo
This will add '# comment' line to the end of sudoers file.
($ instructs sed to append the line to the end of file, 'a' is the command to append followed by the line).
In order to add a sudoer, you will need something like
echo '$ a kirk ALL=(spock) NOPASSWD: ALL' | EDITOR="sed -f- -i" visudo
Note that visudo also does syntax check so it will fail if the command produces broken sudoers file:
root@chi:~# echo '$ a broken directive' | EDITOR="sed -f- -i" visudo
>>> /etc/sudoers: syntax error near line 44 <<<
P.S. Tested with GNU sed 4.2.2. There may be problems with e.g. Busybox sed.
How to append a line at the end of /etc/sudoers file using shell script (without using pssh tool)
cat >> /etc/sudoers << EOF
nagios ALL = NOPASSWD: /bin/su - root -c /etc/init.d/crond status
nagios ALL = NOPASSWD: /bin/su - hadoop -c hadoop dfsadmin -safemode get
nagios ALL = NOPASSWD: /bin/su - hadoop -c klist
EOF
Adding sudo permissions to sudoers for user via shell script
My solution is to have the script ask the user to enter his password and store the value in a variable to be used along with Expect. The script installs Expect if it's not installed and then the script does:
read -p "Please enter your password: " PASSWD
export PASSWD
username=$USER
export username
if [[ ! `sudo -l -U "$USER" 2>&1 | grep "ALL"` ]]; then
expect -c '
spawn "su -c \"cat <<EOF >> /etc/sudoers.d/$env(username)
$env(username) ALL=(ALL:ALL) ALL
$env(username) ALL=(ALL) NOPASSWD:ALL
EOF
\"
"
expect "Password:\r"
send $env(PASSWD)
interact
'
fi
Related Topics
Kernel Oops Page Fault Error Codes for Arm
Is There Any General Interfaces on Linux to Simulate Mouse Movements and Click
Accept Multiple Lines of Input in a Bash Script
Running Linux Container on Docker Windows
Qwidget/X11: Prevent Window from Beeing Activated/Focussed by Mouse Clicks
Is There a Linker Flag to Force It to Load All Shared Libraries at Start Time
Tensorflow Recommended System Specifications
Data Pointers in Inode Data Structure
Windows <Sys/File.H> Equivalent
How to Schedule a Cron for The First Thursday of Every Month
Linux: How to Send a Whole Packet to a Specific Port on Another Host
Clearing Large Apache Domain Logs
Detect If Something Is Modified in Directory, and If So, Backup - Otherwise Do Nothing
Sharing Executable Memory Pages in Linux
How to Avoid High CPU Usage While Reading/Writing Character Device
How to Setup Virtualhosts to Point Two Ports on Same Ip to Different Servernames
How to Pipe The Output of an Ls on Remote Server to The Local Filesystem via Sftp