20

I am writing a Java application where i need to do a command line execution and get a result back, but when i execute the command, it ask for sudo password. So far i tried:

$ sudo -s
$ vim /etc/sudoers
# User privilege specification
root         ALL=(ALL:ALL) NOPASSWD: ALL
javauser     ALL=(ALL:ALL) NOPASSWD: ALL

:wq
$ 4 -r--r-----   1 root root     615 2011-10-26 09:23 sudoers

Once i execute the command it again asks "[javauser] password for javauser:". But i already mentioned noPASSWD.

whoami returns alex and I am adding it as this in the sudoers file

# User privilege specification
root    ALL=(ALL:ALL) ALL
alex ALL=NOPASSWD: ALL


# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

Running keeps asking me for my password, any ideas?

muru
  • 197,895
  • 55
  • 485
  • 740
  • Looks like there's a very similar question already: http://askubuntu.com/questions/39281/how-to-run-an-application-using-sudo-without-a-password - have you tried the answer from there? – Sergey Oct 26 '11 at 08:06
  • Make sure that in your java code you use "sudo /absolute/path/to/command" in your system call. Btw. for security reasons you should use sudo visudo instead of vim to edit the sudoers file. That way if you make a mistake the program warns you about it. – con-f-use Oct 26 '11 at 08:08
  • Can be found here what exactly i tried: https://gist.github.com/1315951 –  Oct 26 '11 at 10:29

2 Answers2

32

On a terminal type sudo visudo and add a line like this at the end of the file specifying the commands you want to run without typing the sudo password (I suggest you use each command you want to use in your terminal and not just allow all programs to be executed this way)

<yourusername> ALL=NOPASSWD: <command1>, <command2>

Now you can run the specified commands without needing to type a password as long as you prefix that command with sudo.

ie: let's say you want to run shutdown -r now without having to type your username's password every time and your username is 'joedoe'

  1. Type sudo visudo on a terminal.

  2. Add joedoe ALL=NOPASSWD: /usr/sbin/shutdown -r now as a new line at the end of the file, use absolute paths to the program you are trying to use.

  3. On your program, you can then use sudo shutdown -r now without having to type the user's password.

You can find the absolute path to a program by using which <program name> on a terminal.

This can leave your system open for dangers, but I am guessing you know what you are doing and want this.

You need to make sure that the permissions you are setting are at the end of the file so that nothing is overwritten by previous configuration.

Bruno Pereira
  • 73,643
  • Seems like he already did that. – con-f-use Oct 26 '11 at 08:11
  • @brunopereira81: Yes, you are correct. I did exactly my name is Alex Derdelincks, my system username is "alex". And i have "alex ALL=NOPASSWD: ALL". But still not working. –  Oct 26 '11 at 09:53
  • @brunopereira81 First of all, chill bro an watch your language. Second, I explained it, because he used vim instead of visudo which as you know works just as well but is riskier. The main purpose of my comment was to check if he used sudo command in his java code or nust command just to rule out a stupid mistake. – con-f-use Oct 26 '11 at 12:30
  • @brunopereira81: Just to explain: In its first revision your answer was worthless, since it was obvious from the shell-session he posted, that he already did, what you wrote in revision 1 (except for the visudo). Now the answer is usefull because it contains the 'has to be in last line' information that turned out to be goOgle's mistake. Now I upvoted your answer. And your tone was a bit rude, because you complained about me repeating the visudo stuff complete ignoring the real message of my comment, which was: 'Sure you [goOgle] put sudo and the full path to the command in your java-code?' – con-f-use Oct 26 '11 at 14:19
  • @con-f-use Don't take things so seriously, in the end we are just trying to help. Now, lets grab a beer or something, I'm tired of chatting! <3 – Bruno Pereira Oct 26 '11 at 14:36
  • [solved] Thanks a lot works. see: https://gist.github.com/1316606 –  Oct 26 '11 at 14:58
  • I added christoph ALL=NOPASSWD: /bin/mount to the file and whoami definitely returns christoph but if I type in sudo mount or sudo /bin/mount (without any parameters, just to test it) I'm prompted for my password. I tried restarting. I'm using Ubuntu 15.04. – UTF-8 Sep 06 '15 at 01:02
1

I was able to enable poweroff (normally a sudoer command) in an ssh prompt for non-sudoers, by, as a sudoer, adding the +s flag to the command executable. Like so:

sudo chmod a+s /usr/sbin/poweroff

After this, non-sudoers were be able to power off the system, over ssh, or even via a shell script running in their name.

jorisw
  • 111
  • 4