Issue with shutdown command in script (MacOS High Sierra) Post: 303032214

Sponsored Content

Top Forums Shell Programming and Scripting Issue with shutdown command in script (MacOS High Sierra) Post 303032214 by LMHmedchem on Wednesday 13th of March 2019 07:08:27 PM

03-13-2019

Registered User

Quote:

Originally Posted by Corona688

Why are you feeding a function which calls sudo, into sudo? And then you don't even use it, just call it outside sudo afterwards.

This is mostly an exercise in ways to run a script with root privileges without a user needing to open a terminal, navigate to a directory, and either call the script with sudo or su root from the terminal and then call the script. These are actions that are beyond the abilities of a sizable number of users who still may need to perform tasks like running a backup as root. I am trying to create a script that can be run by double clicking on a desktop icon, entering a password when prompted, and have the script do the rest with the privileges it needs. I don't have any problem running a script as root, but that is not the case for every user.

The method I used in the script above prompts the user for a password when sudo is invoked for the function call, but the password is not requested for any of the commands in the function. The password is required once at the beginning and not again. This is the behavior I am looking for. The sudo command still needs to be in the commands in the function, or you get errors. This doesn't make sense to me because the intent was to run the function in a subshell as root. It does, however, run without error and gives the expected output.

Quote:

Originally Posted by Corona688

Further, you really shouldn't be editing /etc/sudoers like that. sudo on most systems will refuse to operate after /etc/sudoers has been edited by anything but visudo.

I have confirmed with visudo that running the sudoers script does add the the correct line to the file. I don't notice any issues running sudo with other commands, but I need to dig a bit deeper to make sure that the backup script is actually running as root (directories like /Library are being copied) after making the sudoers edit the way I did above. I know that the script was running as root when I made the $user_name ALL= NOPASSWD:/usr/bin/rsync entry to sudoers with visudo but I haven't checked it carefully with the other method. The edit of the sudoers list is important in order to be able to run a scheduled unattended backup as root.

LMHmedchem

LMHmedchem

View Public Profile for LMHmedchem

Find all posts by LMHmedchem

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Script to force Oracle database shutdown when shutdown immediate does not work

I have Oracle 9i R2 on AIX 5.2. My Database is running in shared server mode (MTS). Sometimes when I shutdown the database it shutsdown cleanly in 4-5 mints and sometimes it takes good 15-20 minutes and then I get some ora-600 errors and only way to shutdown is by opening another session and...

2. High Performance Computing

High Performance Linpack Compiling Issue

I'm trying to compile Linpack on a Ubuntu cluster. I'm running MPI. I've modified the following values to fit my system TOPdir MPdir LAlib CC LINKER. When compiling I get the following error: (the error is at the end, the other errors in between are because I've ran the script several times so...

3. Shell Programming and Scripting

what would a script include to find CPU's %system time high and user time high?

Hi , I am trying to :wall: my head while scripting ..I am really new to this stuff , never did it before :( . how to find cpu's system high time and user time high in a script?? thanks , help would be appreciated ! :)

4. Shell Programming and Scripting

Exit script when shutdown or reboot command is given

This is probably a simple question, but I'm new with writing scripts for Linux (IPFire in this case) and Google wasn't helpful with this. When creating a script, what is the best and/or proper way to have it exit automatically if the reboot or shutdown command is given? If that's even...

5. UNIX for Beginners Questions & Answers

Capture power button press on MacOs High Sierra?

Hello everyone! I'm developing a MacOs Application in python and I'm having some issues trying to find information related to the power button pressed event. I know that in Ubuntu 14.04 you can find information about it on the acpi folders, but I realized that here in Mac that process is...

6. OS X (Apple)

If you run macOS High Sierra version 10.13.1, be sure to install today's update.

Some hackers found a security hole in macOS High Sierra and tweeted it to the world before telling Apple about the problem. You can see the details from PC Magazine's daily news here: Apple Releases Fix for MacOS High Sierra 'Root' Bug. The original story this morning was published before a patch...

7. UNIX for Beginners Questions & Answers

Linux SuSE SLES 8 error..unable to issue shutdown command

the only way we can power off is if we actually press power button on server. Running on HP DL-G4. from root, when we issue command it just returns to root prompt.

8. Shell Programming and Scripting

Issue with pwd for script run by double click on script (MacOS High SIerra)

Hello, I have the following script that just archives and clears some log files. #!/bin/bash # script: archive_logs_and_clear # add date to logfile names and copy archive directory # clear logs # change to script directory cd ...

9. Shell Programming and Scripting

Terminal running bash/rsync script does not close with exit (MacOS High SIerra)

Hello, I am running a bash script to do an rsync back on a computer running MacOS High Sierra. This is the script I am using, #!/bin/bash # main backup location, trailing slash included backup_loc="/Volumes/Archive_Volume/00_macos_backup/" # generic backup function function backup {...

10. OS X (Apple)

Change Name of Bluetooth Device from Command Line in macOS

Mac Version 10.15.2 (macOS Catalina) Does anyone know how to change the name of a connected bluetooth device from the command line on macOS? I am having trouble with various bluetooth devices which I cannot get the "rename" option in the GUI to "save" properly and so I cannot rename a few...

LEARN ABOUT LINUX

sudo_root

sudo_root(8)						      System Manager's Manual						      sudo_root(8)

NAME

       sudo_root - How to run administrative commands

SYNOPSIS

       sudo command

       sudo -i

INTRODUCTION

       By  default, the password for the user "root" (the system administrator) is locked. This means you cannot login as root or use su. Instead,
       the installer will set up sudo to allow the user that is created during install to run all administrative commands.

       This means that in the terminal you can use sudo for commands that require root privileges. All programs in the menu will use  a  graphical
       sudo to prompt for a password. When sudo asks for a password, it needs your password, this means that a root password is not needed.

       To  run	a  command which requires root privileges in a terminal, simply prepend sudo in front of it. To get an interactive root shell, use
       sudo -i.

ALLOWING OTHER USERS TO RUN SUDO

       By default, only the user who installed the system is permitted to run sudo. To add more administrators, i. e. users who can run sudo,  you
       have to add these users to the group 'admin' by doing one of the following steps:

       * In a shell, do

	   sudo adduser username admin

       * Use the graphical "Users & Groups" program in the "System settings" menu to add the new user to the admin group.

BENEFITS OF USING SUDO

       The benefits of leaving root disabled by default include the following:

       * Users do not have to remember an extra password, which they are likely to forget.

       * The installer is able to ask fewer questions.

       * It  avoids  the  "I  can do anything" interactive login by default - you will be prompted for a password before major changes can happen,
	 which should make you think about the consequences of what you are doing.

       * Sudo adds a log entry of the command(s) run (in /var/log/auth.log).

       * Every attacker trying to brute-force their way into your box will know it has an account named root and will try that first. What they do
	 not know is what the usernames of your other users are.

       * Allows  easy transfer for admin rights, in a short term or long term period, by adding and removing users from the admin group, while not
	 compromising the root account.

       * sudo can be set up with a much more fine-grained security policy.

       * On systems with more than one administrator using sudo avoids sharing a password amongst them.

DOWNSIDES OF USING SUDO

       Although for desktops the benefits of using sudo are great, there are possible issues which need to be noted:

       * Redirecting the output of commands run with sudo can be confusing at first. For instance consider

	   sudo ls > /root/somefile

	 will not work since it is the shell that tries to write to that file. You can use

	   ls | sudo tee /root/somefile

	 to get the behaviour you want.

       * In a lot of office environments the ONLY local user on a system is root. All other users  are	imported  using  NSS  techniques  such	as
	 nss-ldap.  To	setup a workstation, or fix it, in the case of a network failure where nss-ldap is broken, root is required. This tends to
	 leave the system unusable. An extra local user, or an enabled root password is needed here.

GOING BACK TO A TRADITIONAL ROOT ACCOUNT

       This is not recommended!

       To enable the root account (i.e. set a password) use:

	   sudo passwd root

       Afterwards, edit the sudo configuration with sudo visudo and comment out the line

	   %admin  ALL=(ALL) ALL

       to disable sudo access to members of the admin group.

SEE ALSO

       sudo(8), https://wiki.ubuntu.com/RootSudo

								 February 8, 2006						      sudo_root(8)