COMPGROUPS.NET | Search | Post Question | Groups | Stream | About | Register

SUDO question - how to run command / script without password

  • Follow


Hello all,

Our server is running Solaris 10.

I need to start up and shut down Websphere using the script (see end)
via "wasadm" user / "wasgroup" group without prompting for password.

I have the following entries in the sudoers file.  Unfortunately, it's
been giving
me compilation errors.  Any idea how I can fix this and make the
script using sudo
without asking for password ?

Thanks for your kind assistance,  Bill


=====================================================
/etc/sudoers
=====================================================

# Host alias specification
#
Host_Alias      WS=atlantis,172.56.247.222


#
# User alias specification
#
User_Alias      WEBUSER=ws1boy


#
# Cmnd alias specification
#
Cmnd_Alias    SU_WAS= /bin/su - wasadm
Cmnd_Alias    WASSTARTSTOP=/usr/local/bin/WASstartstop.sh


##
##
#### User privilege specification
##
##
root                  ALL=(ALL) ALL

wasadm        WS=ALL
ws1boy          ALL=SU_WAS
%wasgroup  ALL=SU_WAS



# Websphere users

wasadm            ALL= NOPASSWORD: WASSTARTSTOP

%wasgroup      ALL= NOPASSWORD: WASSTARTSTOP






========================================================
<Script>            WASstartstop.sh       *** run by "wasadm /
wasgroup"
========================================================

!/bin/ksh
#

#stop IHS DEV
/usr/local/bin/sudo /WAS_01/IBM/IHS/DEV/bin/apachectl stop
#stop IHS  QA
/usr/local/bin/sudo /WAS_01/IBM/IHS/QA/bin/apachectl stop
#stop IHS PREP
/usr/local/bin/sudo /WAS_01/IBM/IHS/PREP/bin/apachectl stop
0
Reply underh20.scubadiving (144) 1/21/2010 8:42:48 PM 

In comp.unix.solaris underh20 <underh20.scubadiving@gmail.com> wrote:
> Hello all,
> 
> Our server is running Solaris 10.
> 
> I need to start up and shut down Websphere using the script (see end)
> via "wasadm" user / "wasgroup" group without prompting for password.
> 
> I have the following entries in the sudoers file.  Unfortunately, it's
> been giving
> me compilation errors.  Any idea how I can fix this and make the
> script using sudo
> without asking for password ?
> 
> Thanks for your kind assistance,  Bill
> 
> 
> =====================================================
> /etc/sudoers
> =====================================================
> 
> # Host alias specification
> #
> Host_Alias      WS=atlantis,172.56.247.222
> 
> 
> #
> # User alias specification
> #
> User_Alias      WEBUSER=ws1boy
> 
> 
> #
> # Cmnd alias specification
> #
> Cmnd_Alias    SU_WAS= /bin/su - wasadm
> Cmnd_Alias    WASSTARTSTOP=/usr/local/bin/WASstartstop.sh
> 
> 
> ##
> ##
> #### User privilege specification
> ##
> ##
> root                  ALL=(ALL) ALL
> 
> wasadm        WS=ALL
> ws1boy          ALL=SU_WAS
> %wasgroup  ALL=SU_WAS

I have no idea what the above 3 lines are for or are supposed to do.

> # Websphere users
> 
> wasadm            ALL= NOPASSWORD: WASSTARTSTOP
> 
> %wasgroup      ALL= NOPASSWORD: WASSTARTSTOP

you never specified what users these command can run as

try this

wasadm            ALL= (root) NOPASSWORD: WASSTARTSTOP
%wasgroup      ALL= (root) NOPASSWORD: WASSTARTSTOP

or whatever user these command need to execute as inside ()
0
Reply Cydrome 1/21/2010 10:51:39 PM 


you could also convert it to a role without a password but that would,
of course, give full access to the wasdm user for people with the
role.  there might be a way to control that but it's beyond my simple
tinkering with roles
0
Reply nelson 1/22/2010 1:45:02 AM 

On Jan 21, 2:51=A0pm, Cydrome Leader <prese...@MUNGEpanix.com> wrote:
> In comp.unix.solaris underh20 <underh20.scubadiv...@gmail.com> wrote:
>
>
>
>
>
> > Hello all,
>
> > Our server is running Solaris 10.
>
> > I need to start up and shut down Websphere using the script (see end)
> > via "wasadm" user / "wasgroup" group without prompting for password.
>
> > I have the following entries in the sudoers file. =A0Unfortunately, it'=
s
> > been giving
> > me compilation errors. =A0Any idea how I can fix this and make the
> > script using sudo
> > without asking for password ?
>
> > Thanks for your kind assistance, =A0Bill
>
> > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
> > /etc/sudoers
> > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
>
> > # Host alias specification
> > #
> > Host_Alias =A0 =A0 =A0WS=3Datlantis,172.56.247.222
>
> > #
> > # User alias specification
> > #
> > User_Alias =A0 =A0 =A0WEBUSER=3Dws1boy
>
> > #
> > # Cmnd alias specification
> > #
> > Cmnd_Alias =A0 =A0SU_WAS=3D /bin/su - wasadm
> > Cmnd_Alias =A0 =A0WASSTARTSTOP=3D/usr/local/bin/WASstartstop.sh
>
> > ##
> > ##
> > #### User privilege specification
> > ##
> > ##
> > root =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0ALL=3D(ALL) ALL
>
> > wasadm =A0 =A0 =A0 =A0WS=3DALL
> > ws1boy =A0 =A0 =A0 =A0 =A0ALL=3DSU_WAS
> > %wasgroup =A0ALL=3DSU_WAS
>
> I have no idea what the above 3 lines are for or are supposed to do.
>
> > # Websphere users
>
> > wasadm =A0 =A0 =A0 =A0 =A0 =A0ALL=3D NOPASSWORD: WASSTARTSTOP
>
> > %wasgroup =A0 =A0 =A0ALL=3D NOPASSWORD: WASSTARTSTOP
>
> you never specified what users these command can run as
>
> try this
>
> wasadm =A0 =A0 =A0 =A0 =A0 =A0ALL=3D (root) NOPASSWORD: WASSTARTSTOP
> %wasgroup =A0 =A0 =A0ALL=3D (root) NOPASSWORD: WASSTARTSTOP
>
> or whatever user these command need to execute as inside ()- Hide quoted =
text -
>
> - Show quoted text -

FYI......Unfortunately, I am still getting syntax errors when trying
to issue any "sudo" command after
adding the (root) in the fields as suggested above.  Any idea how I
could resovle this problem.

Thanks,  Humphrey


atlantis>
>>> sudoers file: syntax error, line 104 <<<
>>> sudoers file: syntax error, line 106 <<<
sudo: parse error in /usr/sudoers near line 104
0
Reply underh20 1/22/2010 10:50:37 PM 

In article <c2a5c30f-00e3-460d-9d6c-abb00f0dea21@m26g2000yqb.googlegroups.com>,
underh20  <underh20.scubadiving@gmail.com> wrote:
>FYI......Unfortunately, I am still getting syntax errors when trying
>to issue any "sudo" command after
>adding the (root) in the fields as suggested above.  Any idea how I
>could resovle this problem.

Comment lines with visudo until you identify the broken one.
Then post the broken one so someone can help you debug it.

John
groenveld@acm.org
0
Reply groenvel 1/23/2010 1:10:13 AM
comp.unix.admin 2747 articles. 4 followers.

4 Replies
1262 Views

(page loaded in 0.142 seconds)

Similiar Articles:

Java Runtime.exec() and sudo. - comp.lang.java.programmer ...
Hi,I'm trying to run a unix script from the ... hang?>> One guess: su or sudo is prompting for a password.>> Another: the script ... It won't run your command in ashell ...

Way to avoid having to type sudo password each time? - comp.sys ...
... avoid having to type my password and just enter the command above? sudo ... that allows you to run that command without a password ... Call a Rexx Script from a Web ...

how to shut down or reboot system without being root? - comp.unix ...
... Question ... password. > > How do you reboot or shut down these systems without logging in as > root? Thanks. % sudo ... to run the shutdown command. Or write a script ...

Change user password using shell script - comp.unix.solaris ...
... user password on solaris os using shell script or any other program.(Without ... Without using expect script) Since the passwd command ... password has expired and run a

sftp script - comp.unix.programmer
... sudo ... Run sftp once on the command line, and without your script. ... ... password ... autoexpect autoexpect - generate an Expect script ... SSH Frequently Asked Questions I ...

can root "su" to a user whose password has expired and run a ...
The question is would the expired password cause the failure of the script run through ... shell scripts without ... passwd.cgi script ... Is there a command that I can run ...

how to enter password in a batch job? - comp.unix.solaris ...
... decrypt files using the pgpv command in a Perl script which is run ... no other way around this without ... asked was how to enter password or passphrase in script rather ...

How to add new user without root privilege - comp.unix.solaris ...
Is there anybody know how to use these commands without ... Way to avoid having to type sudo password each time ... Chage passwords in script without expect - comp.unix ...

Hide Password in a script - comp.unix.solaris
... pass a password to su, you are searching for sudo ... Hide Password in a script - comp.unix.solaris Page 2 [Tool] Hide console (command line) windows run ... ... script without ...

How to restore /etc/sudoers file? - comp.sys.mac.system
... logged in as the "davea" user who has sudo ... mit.edu Arlington, MA *** PLEASE post questions ... sudoers file? - comp.sys.mac.system... run command / script without password ...

Unix How-To: Sudo without Passwords | ITworld
... command via sudo without having to enter a password? ... to run the commands without a password, but if they're going to include these commands in a script ... new questions ...

Unix administration - SUDO question - how to run command / script ...
... SUDO question - how to run command / script without password

7/21/2012 8:17:34 PM


Reply:



Privacy Policy | All Times Are GMT(UTC) | powered by