Question

9

Is it possible to run a command as root without password and entering sudo?

rated 0 times [ 9] [ 0] / answers: 1 / hits: 5229 / 2 Years ago, sat, december 25, 2021, 4:06:36

Suppose I have a user some_user and command /usr/bin/command.
How can I execute this command as root by entering /usr/bin/command, but not sudo /usr/bin/command?

I tried to edit sudoers with visudo, but without success, password is not prompted, but I need to write sudo:

some_user ALL=(ALL:ALL) NOPASSWD: /usr/bin/command

Is there any difference between above command and www-data ALL=(ALL) NOPASSWD: /usr/bin/kill ?

Thank you.

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

anxietunnel

Add To Favorites

Follow

Total Points: 66

Total Questions: 120

Total Answers: 115

Location: Norway

Member since Sat, Mar 4, 2023

1 Year ago

anxietunnel questions

1 How can I automatically resize a window to 1/4 of the screen and snap it to a corner in Ubuntu 22.04?

Fri, Sep 30, 22, 20:16, 2 Years ago

1 How to install amd gpu drivers ubuntu 22.04 LTS

Mon, Mar 6, 23, 02:21, 1 Year ago

1 How do you install Docker on Ubuntu 20.04?

Sat, Mar 25, 23, 19:11, 1 Year ago

1 Belgian formats when choosing US language - regional & language settings issue

Mon, Jan 2, 23, 19:44, 1 Year ago

1 How do I debug a failed cron job involving netcat?

Fri, Oct 28, 22, 06:46, 2 Years ago

View All

answered 2 Years ago steaocyte · Accepted Answer

You can make /usr/bin/command setuid root. However, this will work for ALL users and not only the particular one. Ie. any user who types /usr/bin/command will run the command as root, without the need to specify a password - you cannot restrict this to particular users only. Also, when you set /usr/bin/command setuid root, there will be no possibility to run this command as non-root until you remove the setuid bit.

Btw. that's exactly how sudo works - /usr/bin/sudo is setuid root, so it automatically becomes root when you type sudo. If it weren't setuid root, it won't be able to switch to root.

But I suggest you don't set random commands setuid root. sudo was designed to use that way and it makes many security checks before actually let you run the command. By definition, if you type a command name in the terminal, you are running that command as your current user ID (unless the command elevates privileges by itself, eg. by being setuid root, or using sudo internally as in Tony's solution). sudo is there to clearly distinguish command being run as non-root from command being run as root. Therefore you shouldn't omit it.