I read all sudo posts on serverfault, but I still cannot figure out what I'm doing wrong. Normally I finally find the solution but not this time :
I want apache user to be able to execute this command as user "hremotessh" :
sudo /home/hremotessh/scripts/redirect.sh 8892 8893
Therefore I added this in visudo :
apache ALL=(hremotessh) NOPASSWD: /home/hremotessh/scripts/redirect.sh
But sudo is still asking the password ?
sudo /home/hremotessh/scripts/redirect.sh
[sudo] password for apache:
I tried this, but not better :
sudo -u hremotessh /home/hremotessh/scripts/redirect.sh
hremotessh is not in the sudoers file. This incident will be reported.
Any idea would be warmly welcomed :-)
Denis
Unless you want to run the command as root you need to specify the username, so
is the correct syntax to test the sudo command.
Since you're not prompted for the apache user's password sudo seems to be configured correctly.
The resulting warning:
hremotessh is not in the sudoers file.indicates that anothersudocommand is used in the redirect.sh script. And there's no (valid) sudo policy for that user.I had a similar problem when trying to run a python3 code as sudo from a script and cound't enter password from the script. The solution was to edit visudo so that python3 would run as sudo without prompting the password, NOT run the python3 script as sudo. So I believe you need to run apache as sudo without prompting for password, NOT running the .sh script as sudo without password.