Do I need to specify the pathname of a command added in `/etc/sudoers`, every time I run it with `sudo`?
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
For a line that I added to /etc/sudoers
, for example:
t ALL=(ALL) NOPASSWD: /path/to/myscript
/path/to
is in PATH
of the current user t
, but not in PATH
of root
.
$ sudo /path/to/myscript
works without password, but do I need to specify the pathname of the script every time I run the script with sudo
?
$ sudo myscript
[sudo] password for t:
sudo: changeCpuFreq.sh: command not found
doesn't work even with password, because myscript
's path isn't in PATH
of root
.
$ sudo -E env "PATH=$PATH" myscript
[sudo] password for t:
works with password, because PATH
of t
is copied to that of root
, but the problem is that it still needs password.
Thanks.
sudo
add a comment |Â
up vote
1
down vote
favorite
For a line that I added to /etc/sudoers
, for example:
t ALL=(ALL) NOPASSWD: /path/to/myscript
/path/to
is in PATH
of the current user t
, but not in PATH
of root
.
$ sudo /path/to/myscript
works without password, but do I need to specify the pathname of the script every time I run the script with sudo
?
$ sudo myscript
[sudo] password for t:
sudo: changeCpuFreq.sh: command not found
doesn't work even with password, because myscript
's path isn't in PATH
of root
.
$ sudo -E env "PATH=$PATH" myscript
[sudo] password for t:
works with password, because PATH
of t
is copied to that of root
, but the problem is that it still needs password.
Thanks.
sudo
add a comment |Â
up vote
1
down vote
favorite
up vote
1
down vote
favorite
For a line that I added to /etc/sudoers
, for example:
t ALL=(ALL) NOPASSWD: /path/to/myscript
/path/to
is in PATH
of the current user t
, but not in PATH
of root
.
$ sudo /path/to/myscript
works without password, but do I need to specify the pathname of the script every time I run the script with sudo
?
$ sudo myscript
[sudo] password for t:
sudo: changeCpuFreq.sh: command not found
doesn't work even with password, because myscript
's path isn't in PATH
of root
.
$ sudo -E env "PATH=$PATH" myscript
[sudo] password for t:
works with password, because PATH
of t
is copied to that of root
, but the problem is that it still needs password.
Thanks.
sudo
For a line that I added to /etc/sudoers
, for example:
t ALL=(ALL) NOPASSWD: /path/to/myscript
/path/to
is in PATH
of the current user t
, but not in PATH
of root
.
$ sudo /path/to/myscript
works without password, but do I need to specify the pathname of the script every time I run the script with sudo
?
$ sudo myscript
[sudo] password for t:
sudo: changeCpuFreq.sh: command not found
doesn't work even with password, because myscript
's path isn't in PATH
of root
.
$ sudo -E env "PATH=$PATH" myscript
[sudo] password for t:
works with password, because PATH
of t
is copied to that of root
, but the problem is that it still needs password.
Thanks.
sudo
edited Apr 2 at 0:36
asked Apr 1 at 23:54
Tim
22.6k63224401
22.6k63224401
add a comment |Â
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
1
down vote
You do not need per se to define the full pathname in sudoers; however you should do it for security reasons.
Otherwise, it is fairly easy to gain root privileges; you just need to invoke another binary with the same name, and presto, instant root privileges.
Thanks. How do you achieve "not need per se to define the full pathname" in/etc/sudoers
? My post is whether I need to specify pathname when running it withsudo
.
â Tim
Apr 2 at 0:33
You do not use the full pathname, and configure a restrictedDefaults secure_path
; nonetheless defining the full path gives you an extra layer of security.
â Rui F Ribeiro
Apr 2 at 0:37
Do I need to specify pathname to the command, when I run it with sudo?
â Tim
Apr 2 at 0:40
If the pathname is there as in your first example, you need to do it, unless you create an alias. See this for other security considerations: openwall.com/lists/owl-users/2004/10/20/6
â Rui F Ribeiro
Apr 2 at 0:42
do you mean if pathname exists in/etc/sudoers
, then it must also be specified when running the command? How do you "not use the full pathname, and configure a restricted Defaults secure_path"?
â Tim
Apr 2 at 0:47
 |Â
show 3 more comments
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
You do not need per se to define the full pathname in sudoers; however you should do it for security reasons.
Otherwise, it is fairly easy to gain root privileges; you just need to invoke another binary with the same name, and presto, instant root privileges.
Thanks. How do you achieve "not need per se to define the full pathname" in/etc/sudoers
? My post is whether I need to specify pathname when running it withsudo
.
â Tim
Apr 2 at 0:33
You do not use the full pathname, and configure a restrictedDefaults secure_path
; nonetheless defining the full path gives you an extra layer of security.
â Rui F Ribeiro
Apr 2 at 0:37
Do I need to specify pathname to the command, when I run it with sudo?
â Tim
Apr 2 at 0:40
If the pathname is there as in your first example, you need to do it, unless you create an alias. See this for other security considerations: openwall.com/lists/owl-users/2004/10/20/6
â Rui F Ribeiro
Apr 2 at 0:42
do you mean if pathname exists in/etc/sudoers
, then it must also be specified when running the command? How do you "not use the full pathname, and configure a restricted Defaults secure_path"?
â Tim
Apr 2 at 0:47
 |Â
show 3 more comments
up vote
1
down vote
You do not need per se to define the full pathname in sudoers; however you should do it for security reasons.
Otherwise, it is fairly easy to gain root privileges; you just need to invoke another binary with the same name, and presto, instant root privileges.
Thanks. How do you achieve "not need per se to define the full pathname" in/etc/sudoers
? My post is whether I need to specify pathname when running it withsudo
.
â Tim
Apr 2 at 0:33
You do not use the full pathname, and configure a restrictedDefaults secure_path
; nonetheless defining the full path gives you an extra layer of security.
â Rui F Ribeiro
Apr 2 at 0:37
Do I need to specify pathname to the command, when I run it with sudo?
â Tim
Apr 2 at 0:40
If the pathname is there as in your first example, you need to do it, unless you create an alias. See this for other security considerations: openwall.com/lists/owl-users/2004/10/20/6
â Rui F Ribeiro
Apr 2 at 0:42
do you mean if pathname exists in/etc/sudoers
, then it must also be specified when running the command? How do you "not use the full pathname, and configure a restricted Defaults secure_path"?
â Tim
Apr 2 at 0:47
 |Â
show 3 more comments
up vote
1
down vote
up vote
1
down vote
You do not need per se to define the full pathname in sudoers; however you should do it for security reasons.
Otherwise, it is fairly easy to gain root privileges; you just need to invoke another binary with the same name, and presto, instant root privileges.
You do not need per se to define the full pathname in sudoers; however you should do it for security reasons.
Otherwise, it is fairly easy to gain root privileges; you just need to invoke another binary with the same name, and presto, instant root privileges.
answered Apr 2 at 0:32
Rui F Ribeiro
34.7k1269113
34.7k1269113
Thanks. How do you achieve "not need per se to define the full pathname" in/etc/sudoers
? My post is whether I need to specify pathname when running it withsudo
.
â Tim
Apr 2 at 0:33
You do not use the full pathname, and configure a restrictedDefaults secure_path
; nonetheless defining the full path gives you an extra layer of security.
â Rui F Ribeiro
Apr 2 at 0:37
Do I need to specify pathname to the command, when I run it with sudo?
â Tim
Apr 2 at 0:40
If the pathname is there as in your first example, you need to do it, unless you create an alias. See this for other security considerations: openwall.com/lists/owl-users/2004/10/20/6
â Rui F Ribeiro
Apr 2 at 0:42
do you mean if pathname exists in/etc/sudoers
, then it must also be specified when running the command? How do you "not use the full pathname, and configure a restricted Defaults secure_path"?
â Tim
Apr 2 at 0:47
 |Â
show 3 more comments
Thanks. How do you achieve "not need per se to define the full pathname" in/etc/sudoers
? My post is whether I need to specify pathname when running it withsudo
.
â Tim
Apr 2 at 0:33
You do not use the full pathname, and configure a restrictedDefaults secure_path
; nonetheless defining the full path gives you an extra layer of security.
â Rui F Ribeiro
Apr 2 at 0:37
Do I need to specify pathname to the command, when I run it with sudo?
â Tim
Apr 2 at 0:40
If the pathname is there as in your first example, you need to do it, unless you create an alias. See this for other security considerations: openwall.com/lists/owl-users/2004/10/20/6
â Rui F Ribeiro
Apr 2 at 0:42
do you mean if pathname exists in/etc/sudoers
, then it must also be specified when running the command? How do you "not use the full pathname, and configure a restricted Defaults secure_path"?
â Tim
Apr 2 at 0:47
Thanks. How do you achieve "not need per se to define the full pathname" in
/etc/sudoers
? My post is whether I need to specify pathname when running it with sudo
.â Tim
Apr 2 at 0:33
Thanks. How do you achieve "not need per se to define the full pathname" in
/etc/sudoers
? My post is whether I need to specify pathname when running it with sudo
.â Tim
Apr 2 at 0:33
You do not use the full pathname, and configure a restricted
Defaults secure_path
; nonetheless defining the full path gives you an extra layer of security.â Rui F Ribeiro
Apr 2 at 0:37
You do not use the full pathname, and configure a restricted
Defaults secure_path
; nonetheless defining the full path gives you an extra layer of security.â Rui F Ribeiro
Apr 2 at 0:37
Do I need to specify pathname to the command, when I run it with sudo?
â Tim
Apr 2 at 0:40
Do I need to specify pathname to the command, when I run it with sudo?
â Tim
Apr 2 at 0:40
If the pathname is there as in your first example, you need to do it, unless you create an alias. See this for other security considerations: openwall.com/lists/owl-users/2004/10/20/6
â Rui F Ribeiro
Apr 2 at 0:42
If the pathname is there as in your first example, you need to do it, unless you create an alias. See this for other security considerations: openwall.com/lists/owl-users/2004/10/20/6
â Rui F Ribeiro
Apr 2 at 0:42
do you mean if pathname exists in
/etc/sudoers
, then it must also be specified when running the command? How do you "not use the full pathname, and configure a restricted Defaults secure_path"?â Tim
Apr 2 at 0:47
do you mean if pathname exists in
/etc/sudoers
, then it must also be specified when running the command? How do you "not use the full pathname, and configure a restricted Defaults secure_path"?â Tim
Apr 2 at 0:47
 |Â
show 3 more comments
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f434933%2fdo-i-need-to-specify-the-pathname-of-a-command-added-in-etc-sudoers-every-ti%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password