Running a script without password

Why do we need?¶

As part of automation of services, we need to issue certain commands as sudoer.

One typical use case I came across is to restart the ngnix once the Hugo content is rebuild. In this case, if sudo requires password, we can't trigger it in script.

🛑🛑🛑 Making scripts to run with sudo password is a security risk, and assumption here is that the machine access is restricted and secure. 🛑🛑🛑

How it can be done?¶

Open sudoers file for your user

$ sudo visudo -f /etc/sudoers.d/myusername

update the commands that we want to call without sudo password as below.

myusername ALL=(ALL) NOPASSWD: /usr/sbin/service nginx start,/usr/sbin/service nginx stop,/usr/sbin/service nginx restart

we can add any script that is executable as root.

myusername ALL=(ALL) NOPASSWD: /path/to/rootscript

References¶

• stack-overflow1
  • answer1
  • answer2
• stack-overflow2