wewantrice Posted January 20, 2013 Share Posted January 20, 2013 Hello all, Tried searching but to no avail. I'm looking to add a user to the sudoers list, which I can temporarily do with visduo; however this does not survive a reboot. Is there any way I can make the change persist after reboot? Thanks! Quote Link to comment
wewantrice Posted January 21, 2013 Author Share Posted January 21, 2013 Any pointers on how to do this? Specifically what I'd like to do is give non root users the ability to issue the powerdown command Quote Link to comment
LVLAaron Posted February 2, 2013 Share Posted February 2, 2013 Why do you have "users" needing to power down your unraid server in the first place? But to help answer, you need to use the "go" file which is run at boot. Quote Link to comment
trurl Posted February 2, 2013 Share Posted February 2, 2013 Longer answer: Because the OS is running completely in RAM (this includes any "files" in the usual places, such as /etc/sudoers) any changes you make in the running OS is lost when you reboot. To make a change that will survive a reboot, you need to make the system make those changes for you each time it boots. This is usually done in /boot/config/go script file which is run automatically after the system boots. Quote Link to comment
wewantrice Posted February 6, 2013 Author Share Posted February 6, 2013 Thanks for the help, what specifically would I have to put into the go file to add a user to the sudoers list? The reason I'm trying to do this is I usually remotely connect to my server via SSH under a non root user name and would like the ability to remotely reboot the server if necessary. Quote Link to comment
warhead Posted February 7, 2013 Share Posted February 7, 2013 You can just add an echo line to your go file and pipe the line to the sudoers file. Its not recommended to edit this file directly without the syntax checking provided by visudo, but it does work well if you know exactly what you're doing. Alternatively you can edit the sudoers file via visudo and make a copy of it onto your flash drive and then have the go file overwrite the original on reboot. Sent from my Galaxy Nexus using Tapatalk 2 Quote Link to comment
detz Posted February 9, 2014 Share Posted February 9, 2014 For completeness. add this to /boot/config/go echo "USERNAME ALL=(ALL) ALL" >> /etc/sudoers 1 Quote Link to comment
Trunkton Posted January 7, 2019 Share Posted January 7, 2019 On 2/9/2014 at 6:34 AM, detz said: For completeness. add this to /boot/config/go echo "USERNAME ALL=(ALL) ALL" >> /etc/sudoers Thanks!! Quote Link to comment
trurl Posted January 7, 2019 Share Posted January 7, 2019 Since this thread is nearly 5 years old it might be worth considering if there are better methods since. Instead of adding to the go script. the preferred method of executing a script is with the User Scripts plugin. You can configure when your script runs, including at boot time. 2 Quote Link to comment
Trunkton Posted January 7, 2019 Share Posted January 7, 2019 (edited) 46 minutes ago, trurl said: Since this thread is nearly 5 years old it might be worth considering if there are better methods since. Instead of adding to the go script. the preferred method of executing a script is with the User Scripts plugin. You can configure when your script runs, including at boot time. THANKS!! I will look at switching out details in my /boot/config/go file to that right now, I didn't know it was out there very useful. UPDATE: That plugin does not do things pre-mount just after the array mounts or on a schedule from what I can see. Edited January 7, 2019 by Trunkton Quote Link to comment
groot-stuff Posted November 16, 2020 Share Posted November 16, 2020 (edited) Necro post with value below, as this is the top Google result on the topic. bulldozer !'s question on @SpaceInvaderOne's recent video (How to Test the Speed inside a VPN Download Container: https://www.youtube.com/watch?v=m7Qly7a_-M0) prompted this post. WARNING! EDITING THE sudoers FILE (OR ANY FILE THAT FEEDS INTO IT) INCORRECTLY CAN CAUSE IRREPERABLE DAMAGE AND POSSIBLE LOSS OF ACCESS TO YOUR SYSTEM! YOU HAVE BEEN WARNED. Only use visudo to edit the sudoers file (or any file that feeds into it)! visudo performs checks to aid in correct sudo file formatting (it is not fool-proof, double check your formatting!). Learning vi/visudo is on you, Google it for plenty of resources! https://lmgtfy.app/?q=how+to+use+visudo+in+linux Also, I am no Linux expert, but have used this method to successfully add a user to the sudoers list - on boot. Okay, now that the disclaimers are over... lets check out a more complete explanation of adding a user to the sudoers list without the use of any additional tools/plugins (UserScripts is great btw, I use it heavily on my server). Understand that sudo access can be dangerous, do not give this to users who do not understand it's power The /etc/sudoers file itself does not need to be edited, by default it will include the /etc/sudoers.d/ directory (below is a snippet of the end of the sudoers file) ## Read drop-in files from /etc/sudoers.d ## (the '#' here does not indicate a comment) #includedir /etc/sudoers.d Create a file named sudoadd (no .extension), using visudo, in /boot/custom/ /boot/ is your flashdrive, storing the file here allows it to survive reboots and unRaid to access it while booting up You may need to create the /boot/custom/ subdirectory I had the subdirectory after following Spaceinvaders video on setting up the docker-shell script Add the following to the sudoadd file (adjusting USERNAME to the one you'd like to use) ## ## User privilege specification ## USERNAME ALL=(ALL) NOPASSWD: ALL This is in the format of root's section in the /etc/sudoers file NOTE: the "NOPASSWD: " is not required and allows the specified user to execute the sudo command without entering a password Again, this is another dangerous setting... see this article for more info: https://www.tecmint.com/run-sudo-command-without-password-linux/ If you prefer to enter a password when using the sudo command, just remove "NOPASSWD: " The resulting line (password required) would read as: USERNAME ALL=(ALL) ALL Write the file and Quit (generally ESC > : > wq > ENTER in visudo) Next we need to tell unRaid to move the custom file and set it's permissions appropriately in the go file AGAIN, BE CAREFUL - THE GO FILE IS VERY IMPORTANT, IT STARTS YOUR WEBUI! Add the following to the end/bottom of the go file located at /boot/config/go cp /boot/custom/sudoadd /etc/sudoers.d/sudoadd chmod 0440 /etc/sudoers.d/sudoadd The first line copies the custom sudoadd file from the flash drive to the OS files running in memory The second line changes the permissions on the copied file to what Linux expects for a system file (IIRC) Also add the following to the end/bottom of the go file chsh -s /bin/bash USERNAME This line changes the shell for the USERNAME you specify, allowing the user to login via SSH I use vi to edit the go file, so Write the file and Quit (generally ESC > : > wq > ENTER) If you're using another editor, save the go file and exit Reboot your server and test that the USERNAME you setup above can: Login via SSH Execute the sudo command P.S. I normally give full credit via links to sources where possible, but I researched and successfully did this a very long time ago. That aside, this thread and @SpaceInvaderOne were definite contributors of my solution. If something in this post needs to be clarified please reply or message me and I will update it Edited November 16, 2020 by groot-stuff 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.