1

I am trying to allow a specific user to run a specific .sh file that has a sudo chmod inside of it.

I have followed this guide: How to allow a command to be executed for a particular user without password with sudoers file?

My sudoers file now looks like this:

    the_user ALL=(ALL:ALL) NOPASSWD: /var/www/html/storage/fix_cache_permissions.sh

However, when I run the command:

    sh /var/www/html/storage/fix_cache_permissions.sh

it dies with this error:

    sudo: no tty present and no askpass program specified

Update

I tried both having sudo inside the .sh file and outside when running the command. Both result in the same error message.

Melebius
FooBar

2 Answers

4

You are missing something here. The sudoers file refers to the sudo command. By running sh yourprogram.sh you are not using the sudo command, you are using the sh one which in turn will use the sudo afterwards.

So the correct way to accomplish what you want is by marking the script as executable so that the user then can write

    sudo /var/www/html/storage/fix_cache_permissions.sh

and this will not ask for the password.

Notes:

  1. Since you are getting this error that means that you are not running the command from some sort of terminal. If it doesn't ask for password then I think that this will not be a problem.

  2. The order of the commands in the sudoers file is important and they override one another. Meaning that if you write your command and afterwards in the file there is something like this:

    %sudo   ALL=(ALL:ALL) ALL
    

    This will override anything. So put your line in the last lines of the sudoers file.

  3. Using this method you can actually remove the sudo inside the file since all the script will run as root.

Melebius
VGe0rge
1

The accepted answer points out that you have to use sudo with the absolute filepath of the system. If you can afford to change the script in question, you could add the following:

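    # Relaunch through sudo with the absolute path unless already root.
    # POSIX [ ] instead of [[ ]], so this also works when started with sh.
    if [ "$(whoami)" != root ]; then
        sudo "$(realpath "$0")" "$@"   # quoted path, arguments passed on
        exit                           # returns sudo's exit status
    fi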

This has the effect of relaunching the script, using sudo and the absolute path, if the current user is not root.

Effectively, this allows you to call the script as sh /var/www/html/storage/fix_cache_permissions.sh or even ./fix_cache_permissions.sh

Alex
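Added example, not part of the original question or answers: the NOPASSWD rule above runs the script as root, so the script and every directory above it should be owned by root and not be writable by group or others, otherwise whoever can change the file decides what runs as root. The function name `audit_sudo_script` and its optional arguments are assumptions made for this example.

```shell
#!/bin/sh
# Audit a script that a NOPASSWD sudoers rule allows to run as root.
# Usage: audit_sudo_script SCRIPT [OWNER_UID] [TOP_DIR]
#   e.g. audit_sudo_script /var/www/html/storage/fix_cache_permissions.sh
#   OWNER_UID  uid that must own every checked path (default 0 = root)
#   TOP_DIR    directory where the upward walk stops (default /)
# Prints one line per finding. Returns 0 if clean, 1 if unsafe, 2 on error.
audit_sudo_script() {
    script=$(realpath "$1") || return 2       # resolve symlinks first
    [ -f "$script" ] || return 2
    owner=${2:-0}
    top=$(realpath "${3:-/}") || return 2
    rc=0
    p=$script
    while :; do
        # Owned by someone else: that account can edit or replace the path.
        if [ -n "$(find "$p" -prune ! -user "$owner")" ]; then
            echo "UNSAFE owner: $p"
            rc=1
        fi
        # Group- or world-writable: the file can be modified, or entries
        # in the directory can be swapped, by accounts other than the owner.
        if [ -n "$(find "$p" -prune \( -perm -020 -o -perm -002 \))" ]; then
            echo "UNSAFE writable: $p"
            rc=1
        fi
        if [ "$p" = "$top" ] || [ "$p" = "/" ]; then
            break
        fi
        p=$(dirname "$p")                     # move up one directory
    done
    return "$rc"
}
```

Any finding means the script should be moved to a root-owned location before it is listed in sudoers.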