Run certain sudo commands without entering password

Write tutorials here
There are more tutorials here http://community.linuxmint.com/tutorial/welcome
Forum rules
Please don't add support questions to tutorials,start your own thread in the appropriate sub-forum instead. Before you post please read this
Post Reply
LuvNix
Level 3
Level 3
Posts: 127
Joined: Wed Jan 02, 2019 4:50 pm

Run certain sudo commands without entering password

Post by LuvNix » Sat Jan 12, 2019 12:20 pm

Ok ... some background ( and a mini how-to.)

I like a program called ps_mem, it's good for showing how much memory is being used and what's using it. However the sucker isn't readily available in Mint's repositories and when you do get the thing installed it ordinarily requires you use sudo + enter your password to run it. I didn't want to do that so did as follows.

Ok since git is installed on LM v 19(Mate) out-of-box I used it to get ps-mem, like this. First I created a directory named .bin in my users /home. Then In terminal entered.

Code: Select all

mkdir ~/git && cd ~/git
git clone https://github.com/pixelb/ps_mem.git
cp ps_mem/ps_mem.py ~/.bin/ps-mem && chmod +x ~/.bin/ps-mem
Also note when in terminal entering ~/ is the same as typing out /home/yourusername. It's cool and saves typing.Which is what it did, mkdir (make directory) one named git in my users /home, snatched ps-mem from git and installed it into the .bin directory.

Now I could run it in terminal with ...

Code: Select all

sudo /home/myusername/.bin/ps-mem
Enter password, ps-mem runs and shows me all the memory stats goodness I was wanting to see. However as mentioned, having to sudo + enter password, nope, want to do this a better way. Folks used to add this type of stuff to "visudo" but the newer and better way to do this is to create a file in /etc/sudoers.d/ and add whatever custom junk to do this type of thing in a file, that gets sourced by visudo.

Ok next up, created a file in that location. In this example I named that file myfile.

Code: Select all

sudo touch /etc/sudoers.d/myfile
Now it's time to edit that file and include the line I need to run ps-mem without having to enter a password. This is the supposed right way to edit files in /etc/sudoers.d/

Code: Select all

sudo visudo -f /etc/sudoers.d/myfile
The myfile there opens in nano( I/you can set another editor but take that up with google-etc.) I added the following and this demonstrates the correct syntax for doing what I want.

Code: Select all

# Adding a sudo command I don't need to enter password to run.
myusername ALL=(ALL) NOPASSWD: /home/myusername/.bin/ps-mem
Note: You can also add several commands just separate the things with a (,)comma. You'd put it at the end of the first command, then a space, next thing someone were wanting to run without pass with a comma at it's end etc so forth. With this added, it's somewhat better for me running ps-mem. Now in terminal when I type out the "sudo ~/.bin/ps-mem" it runs, no password necessary.

Better but still not how I really want it. Moving onto bash aliases. Much to bash aliases, not going into that cause google-etc has it fully covered and then some. In my case I create a file in my users /home, named .bash_aliases and then I'll add any aliases I want to use while in terminal here. In the case of getting ps-mem to play nice I add the following to .bash_aliases.
alias mem="sudo /home/myusername/.bin/ps-mem"
In the .bash_aliases file you add one alias per line. Also note that .bash_aliases is a .(dot) file, meaning it doesn't show up when you look in your file manager, until you unhide these files. You do that by either selecting to "show hidden files/folders" in the file manager menu or just use the shortcut to unhide/hide them, that is Ctrl + H. In this case I added an alias for mem. So now in terminal when I type in mem + hit Enter, it runs ps-mem ... No password necessary. No having to type out "sudo ~/.bin/ps-mem". Yay ! :)
Last edited by LuvNix on Sat Jan 12, 2019 1:15 pm, edited 1 time in total.

LuvNix
Level 3
Level 3
Posts: 127
Joined: Wed Jan 02, 2019 4:50 pm

Re: Run certain sudo commands without entering password

Post by LuvNix » Sat Jan 12, 2019 12:58 pm

Here's example output from running ps-mem on this old lappy. :)
Private + Shared = RAM used Program

212.0 KiB + 30.5 KiB = 242.5 KiB acpid
324.0 KiB + 75.5 KiB = 399.5 KiB cron
384.0 KiB + 61.5 KiB = 445.5 KiB rtkit-daemon
392.0 KiB + 88.5 KiB = 480.5 KiB irqbalance
432.0 KiB + 80.5 KiB = 512.5 KiB lvmetad
604.0 KiB + 138.5 KiB = 742.5 KiB xfconfd
660.0 KiB + 126.5 KiB = 786.5 KiB xdg-permission-store
768.0 KiB + 142.5 KiB = 910.5 KiB gvfsd-metadata
792.0 KiB + 144.5 KiB = 936.5 KiB gvfs-mtp-volume-monitor
708.0 KiB + 247.5 KiB = 955.5 KiB gconfd-2
860.0 KiB + 119.5 KiB = 979.5 KiB dconf-service
904.0 KiB + 151.0 KiB = 1.0 MiB kerneloops (2)
836.0 KiB + 221.5 KiB = 1.0 MiB xdg-document-portal
984.0 KiB + 121.5 KiB = 1.1 MiB gvfs-goa-volume-monitor
876.0 KiB + 231.5 KiB = 1.1 MiB at-spi2-registryd
768.0 KiB + 358.5 KiB = 1.1 MiB agetty (5)
572.0 KiB + 577.0 KiB = 1.1 MiB avahi-daemon (2)
796.0 KiB + 353.5 KiB = 1.1 MiB at-spi-bus-launcher
936.0 KiB + 233.5 KiB = 1.1 MiB gvfsd-fuse
1.1 MiB + 175.5 KiB = 1.3 MiB gvfs-gphoto2-volume-monitor
1.0 MiB + 342.5 KiB = 1.3 MiB gvfsd
1.2 MiB + 179.5 KiB = 1.4 MiB accounts-daemon
948.0 KiB + 464.5 KiB = 1.4 MiB systemd-logind
1.2 MiB + 346.5 KiB = 1.5 MiB sudo
1.1 MiB + 464.5 KiB = 1.6 MiB systemd-resolved
1.3 MiB + 240.5 KiB = 1.6 MiB ntpd
1.2 MiB + 460.5 KiB = 1.7 MiB gvfsd-trash
1.3 MiB + 344.5 KiB = 1.7 MiB gvfs-afc-volume-monitor
2.1 MiB + 94.5 KiB = 2.2 MiB rsyslogd
1.9 MiB + 511.5 KiB = 2.4 MiB gvfs-udisks2-volume-monitor
1.6 MiB + 1.1 MiB = 2.7 MiB cups-browsed
2.5 MiB + 517.5 KiB = 3.0 MiB dhclient
2.3 MiB + 741.5 KiB = 3.0 MiB dbus-daemon (3)
2.9 MiB + 238.5 KiB = 3.1 MiB polkitd
3.4 MiB + 80.5 KiB = 3.5 MiB systemd-udevd
2.8 MiB + 732.5 KiB = 3.5 MiB wpa_supplicant
3.5 MiB + 320.5 KiB = 3.8 MiB ModemManager
3.2 MiB + 1.2 MiB = 4.4 MiB bash (2)
3.5 MiB + 1.3 MiB = 4.8 MiB tint2
4.2 MiB + 596.5 KiB = 4.8 MiB udisksd
5.0 MiB + 891.5 KiB = 5.9 MiB slim
6.2 MiB + 550.5 KiB = 6.7 MiB pulseaudio
5.9 MiB + 1.4 MiB = 7.3 MiB openbox
3.7 MiB + 4.2 MiB = 7.9 MiB systemd (3)
7.1 MiB + 1.3 MiB = 8.4 MiB NetworkManager
6.9 MiB + 2.6 MiB = 9.5 MiB nm-applet
7.8 MiB + 1.9 MiB = 9.8 MiB networkd-dispat
8.1 MiB + 6.0 MiB = 14.1 MiB leafpad (2)
10.0 MiB + 5.6 MiB = 15.6 MiB sakura (2)
14.2 MiB + 1.9 MiB = 16.1 MiB systemd-journald
17.2 MiB + 3.1 MiB = 20.3 MiB applet.py
36.8 MiB + 6.0 MiB = 42.8 MiB Xorg
484.8 MiB + 121.1 MiB = 605.9 MiB firefox-bin (5)
---------------------------------
840.8 MiB
=================================

LuvNix
Level 3
Level 3
Posts: 127
Joined: Wed Jan 02, 2019 4:50 pm

Re: Run certain sudo commands without entering password

Post by LuvNix » Sat Jan 12, 2019 2:17 pm

Ok adding to this, mentioned you can add several commands as per above. At the time I decided to post this junk I couldn't think of anything overly useful to use to demonstrate. Ok ... thought of something.

Ok again, I edit the /etc/sudoers.d/myfile with.

Code: Select all

sudo visudo -f /etc/sudoers.d/myfile
Again the sucker pops up in nano, I've changed it to add a total of 3 things, without entering password needed. Run ps-mem, poweroff and reboot from terminal also. So it now looks like this.
# Adding a sudo command I don't need to enter password to run.
myusername ALL=(ALL) NOPASSWD: /home/myusername/.bin/ps-mem, /sbin/poweroff, /sbin/reboot
Ok if I type "sudo poweroff" or even just "poweroff" while in terminal that's what the laptop does, shutdown, same deal for reboot. Something else that I think is cool about doing this dorkish stuff. Someone can add a keyboard shortcut to use these. Below is an example taken from my Openbox rc.xml file but the same type of thing will work if added as a custom keyboard shortcut in MATE or whatever else. The important part is the path there /sbin/poweroff.

Code: Select all

   <keybind key="Control-F12">
      <action name="Execute">
        <startupnotify>
          <enabled>true</enabled>
          <name>turnoff</name>
        </startupnotify>
        <command>/sbin/poweroff</command>
      </action>
    </keybind>
Now when I hold down the Control/Ctrl key and press F12 the laptop shuts down. No having to open menu, select this, select something else. Just WHAM shutdown. :)

Post Reply

Return to “Tutorials”