About setting permissions for scripts

0
votes

I have a set of update commands that I need to run periodically as per compliance with my university's policies on security. These are the commands :

sudo apt-get clean

sudo apt-get update

sudo apt-get -y --purge dist-upgrade

Now what I want to do is to automate this process. The way I would go about this is to

  1. Set up all these commands as a shell script.
  2. Run the script as a cronjob everyday at 6AM in the morning.

I wrote a shell script named "update_script.sh" and saved it in the home folder. Inside the script was the three commands without the sudo option. Then I changed the ownership of the script to root.

Next I modified the visudo file to allow this script to run without a password.

(I followed the steps in this link)

Now my problem is this :

When I am trying to run this update script as "sh update_script.sh" it cannot run it. Only when I do "sudo sh update_script.sh" it does the job.

Where did I mess up in the setup ?

1
linuxbashshellunixubuntu
probably because you didn't allow yourself to run apt-get without a passwordglenn jackman

1 Answers

2
votes

Well the way you describe it, you have allowed yourself to execute 

update_script.sh

with sudo.

Which means that you need to call the script (by your users crontab as I understand it) with 

sudo update_script.sh

That means that the script is executed by root, and all the commands within the scripts are executed as root as well.

If you just want to execute the script itself without sudo, but allowing yourself to execute the commands withing the script as root (the apt-get commands in your case), you have to add the commands (again the apt-get in your case) to the sudoers-file. But as I see it, in your case you should just call the whole script with sudo instead.