
In /usr/local/bin I've the following script called sdown

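/usr/local/bin$ cat sdown
#!/bin/bash

# Require the shutdown time as the first argument.
if [ $# -lt 1 ];
then
  echo "no time set"
else
  # Quote the argument so it reaches shutdown as a single word.
  sudo shutdown -h "$1"
fi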

Permissions are 788: -rwxr-xr-- user user sdown

The point is if I run the script it's prompting for the sudo password:

/usr/local/bin$ sdown 13:37
[sudo] password for user: 

Just to make my life even better I'd like to avoid typing in my password for shutting down the computer. I think there're two possibilities I could look for:

  • Allowing execution of the shutdown command without prompting for sudo rights. (sudoers file or so... ?)
  • Find a way to grant sudo permission to the script so I could drop the sudo in there.

Probably the first way is easier and on my private machine I can do that. However I wonder what if I come in another situation. Though it's theoretic I'd like to learn best practice.

I wonder if it's better to grant permission for a specific script I write and therefore know what it does and what not instead of removing the sudo password protection for a full command (in this case shutdown). Is this possible?

Also in this scenario I guess I've to consider the possibility of code injection by having someone manipulating the script. I guess therefore I should change owner and group to root and just allow execution but not grant read and write access for other users.
(Or just for the group in case for more specific solutions.) However what about the possibility of someone exchanging the full file with some of its own and therefore acquiring sudo rights?

nuala

1 Answer


First: You're almost certainly wasting your effort.
Read the manpage for shutdown on your system: The time argument is mandatory on every implementation I've ever seen.

If you attempt to run shutdown -h with no time argument it will yell at you:

[mgraziano@monitor ~]$ sudo shutdown -h
Password: 
usage: shutdown [-] [-h | -p | -r | -k] [-o [-n]] time [warning-message ...]

To answer your question though:

Option 1: Allowing execution of the shutdown command without prompting for sudo rights
Either explicitly allow shutdown with the NOPASSWD option (read man sudoers for info) or add your user to the group allowed to run shutdown (usually operator).

Option 2: Find a way to grant sudo permission to the script so I could drop the sudo in there.
You can't do this the way you think because sudo doesn't work that way - Permissions are granted to users.
The best you could do is allow the script to be run using sudo, but that doesn't buy you anything over Option 1 (and as you've mentioned opens you up to some possible security holes in your script, since you're letting it be run as root).

voretaq7
  • If you want one specific file to run as root, you can also use _chmod_ to set the setuid bit. But voretaq7's suggestion for sudo with NOPASSWD is probably what you're looking for here. – NathanG Apr 28 '12 at 05:21
  • @NathanG setting setuid on this script (or worse, shutdown itself) would probably be a BAD thing - especially if you have untrusted local users. Also some operating systems don't allow setuid scripts. Setting setuid on something should be done only with great care, and after a suitably paranoid security audit :) – voretaq7 Apr 28 '12 at 21:19
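
The question's worry about someone swapping out the script, and the answer's warning about letting a script run as root, both come down to who can write to the file and to the directories above it. The check below is an added example, not code from this thread; the function names entry_locked and sudo_safe_path, the optional owner and top-directory parameters, and the reliance on readlink -f are assumptions made for illustration.

```bash
#!/bin/bash
# Added example (not from the original thread).
# Decide whether a script is safe to name in a sudoers NOPASSWD rule:
# the file and every directory above it must be owned by the trusted
# user and must not be writable by group or others. A writable parent
# directory lets someone replace the file even if the file is locked.

# entry_locked PATH OWNER_UID
# Succeeds if PATH is owned by OWNER_UID and has no group/other write bit.
# In the `ls -ldn` mode string (e.g. -rwxr-xr--), character 6 is the
# group write bit and character 9 is the other write bit.
entry_locked() {
  ls -ldn -- "$1" 2>/dev/null | awk -v want="$2" '
    { ok = ($3 == want && substr($1, 6, 1) != "w" && substr($1, 9, 1) != "w") }
    END { exit ok ? 0 : 1 }'
}

# sudo_safe_path FILE [OWNER_UID] [TOP_DIR]
# OWNER_UID defaults to 0 (root). TOP_DIR defaults to / and is where the
# upward walk stops. Prints the first offending path and returns 1.
sudo_safe_path() {
  local file owner top p
  owner="${2:-0}"
  # Resolve symlinks first so the real file is the one inspected
  # (assumes readlink -f as in GNU coreutils).
  file=$(readlink -f -- "$1") || return 1
  top=$(readlink -f -- "${3:-/}") || return 1
  [ -f "$file" ] || { echo "not a regular file: $file"; return 1; }
  p="$file"
  while :; do
    entry_locked "$p" "$owner" || { echo "unsafe: $p"; return 1; }
    if [ "$p" = "$top" ] || [ "$p" = "/" ]; then
      break
    fi
    p=$(dirname -- "$p")
  done
  return 0
}
```

With the defaults, `sudo_safe_path /usr/local/bin/sdown` requires root ownership from the file all the way up to /, so a script owned by an ordinary account, like the `user user` listing in the question, would not pass.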