I need to run important_script.sh as with sudo -i without password.
If I have in sudoers:
apache ALL = (root) NOPASSWD: /blah/important_script.sh
and run "sudo /blah/important_script.sh" I can run it without password.
However if I run "sudo -i /blah/important_script.sh" I need to enter password for apache.
If I change line in sudoers to:
apache ALL = (root) NOPASSWD:ALL
I can run command "sudo -i /blah/important_script.sh" without password.
But I want to be able to run only /blah/important_script.sh, not ALL commands.
So, how I setup that only /blah/important_script.sh could be ran with sudo -i without password.
When I try this I get an error message which gives a clue to the problem
Note that we're being denied access to a command
/bin/bash -c...
which is different from the one we specified in the sudoers file/blah/important_script...
. When you tell sudo to allow a user to run a specific command, they have to use the exact command line as specified in sudoers so we need to change sudoers appropriately.This now works for bob
So why is it doing this ? Well the man page for sudo has the answer