-3

So this is for a school assignment. I have a working Bind9 and Apache2 server. I've written 3 scripts that make appropriate changes to the configuration files

  • DNS add zone
  • DNS add record
  • HTTP add vhost

They are stored in /etc/scripts. These scripts are editable by root. The user check needs them to run with sudo so this should work.

check@dennis:~$ bash /etc/scripts/dns_add_record

But I get Permission denied.

The permissions of the scripts are the following:

-rwsr-xr-x  1 root root 1875 Jan  3 03:31 dns_add_record.sh
-rwxr-xr-x  1 root root 2103 Jan  3 03:53 dns_add_zone.sh
-rwxr-xr-x  1 root root 1276 Jan  3 04:45 http_add_vhost.sh

I've added this rule to /etc/sudoers:

check   ALL=(ALL)       NOPASSWD:       /etc/scripts/dns_add_zone.sh

Am I looking over something?

Jakuje
  • 9,715
  • 2
  • 42
  • 45
Dnice
  • 9
  • 3

3 Answers3

1

You need to type sudo and then the command. So:

sudo bash pathtothescripts

Right now you are just executing them with the check user, not using sudo.

StoutPanda
  • 11
  • 1
  • Offcourse! I get this as error Sorry, user check is not allowed to execute '/bin/bash /etc/scripts/dns_add_record' as root on dennis.vlan77.be. – Dnice Jan 03 '16 at 19:52
1

You need to execute

sudo /etc/scripts/dns_add_zone.sh

Just BTW, you have an unnecessary +s bit on dns_add_record.sh, you should execute chmod u-s /etc/scripts/dns_add_record.sh to remove it. You should also remove read rights for the users, they should not be able to read the scripts to figure out if there are exploitable problems. If all the scripts in /etc/scripts are sudo scripts, execute chmod go= /etc/scripts/*.sh.

Law29
  • 3,557
  • 1
  • 16
  • 28
-1

I have found the solution. Needed to add check to sudo group and log out of the system

Dnice
  • 9
  • 3