How to Let Users Run a Script with Root Permissions

How can I let users run a script with root permissions?

You could consider sudo.

Although not 'passwordless', it doesn't require the user to be given the root password. It can also provide an audit trail of use of the script.

edit: as per comment from Chris, there is an option not to require a password at all for certain commands, see here for details. It can also be set up not to prompt excessively for the password, i.e. one entry of the password can be good for multiple commands over a period of use.

By the way, sudo is built in to Ubuntu and nicely integrated with Gnome. When ubuntu prompts you for your password to do privileged operations, that's sudo under the hood.

How do I run a shell script as root (sudo)?

I was searching around and found this useful solution:

Edit your sudoers file to allow running certain commands without a password.

It's best to split your post-commit script into two parts, one of which will be run through sudo.

entry in /etc/sudoers:

loqman    ALL=(root) NOPASSWD: /usr/local/bin/svn-postcommit-export

Your post-commit hook:

#!/bin/sh
sudo /usr/local/bin/svn-postcommit-export

Script /usr/local/bin/svn-postcommit-export:
```
#!/bin/sh
svn export --force file:///home/repository/trunk/ /home/memarexweb/public_html/devel/
chmod -R 777 /home/memarexweb/public_html/devel/
```
(You can choose any name and put the script anywhere; I just suggested svn-postcommit-export as an example, and /usr/local/bin as a common location.)

How to demand root privileges in a shell script?

Here's what I often do. This is loose pseudo-code but should give you the idea:

# myscript -- possibly execute as sudo

if (passed -e option) then
    read variables from envfile
else
    ...

    need_root = ...

    # set variables ...

    if ($need_root && $uid != 0) then
        env [or whatever] > /tmp/envfile
        exec sudo myscript -e/tmp/envfile ...
    fi
fi

# stuff to execute as root [or not] ...

How to make a script run commands as root

setuid does not work on shell scripts for security reasons. If you want to run a script as root without a password, you can edit /etc/sudoers to allow it to be run with sudo without a password.

To "update in real time", you would run the command directly instead of using echo.

Running a bash install script as root - how to handle regular users' files?

If you have a bunch of consecutive codes which should be run as regular user (not root), then you can do this:

sudo -s -u $USER<<EOF
echo "running codes as normal user"
EOF

Note: You may need to check if $USER is a regular user or root. If you run the script in a root shell, the value of $USER will be root and that's the normal and expected behavior, i.e whatever user specific files you are creating are expected to be created in the root environment.