pythonsudo
I want to turn my system on automatically every day. So I use the below code in my Python script, but sudo asks me for a password every time:
os.system('sudo sh -c "echo date \'+%s\' -d \'+ \
24 hours\' > /sys/class/rtc/rtc0/wakealarm"')
How can I run this script without sudo asking for the password every time?
You can configure sudo to never ask for your password.
Open a Terminal window and type:
sudo visudo
In the bottom of the file, add the following line:
$USER ALL=(ALL) NOPASSWD: ALL
Where $USER is your username on your system.
Save and close the sudoers file (if you haven't changed your default terminal editor (you'll know if you have), press Ctl + x to exit nano and it'll prompt you to save).
As of Ubuntu 19.04, the file should now look something like
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
YOUR_USERNAME_HERE ALL=(ALL) NOPASSWD: ALL
After this you can type sudo <whatever you want> in a Terminal window without being prompted for the password.
This only applies, to using the sudo command in the terminal. You'll still be prompted for your password if you (for example) try to install a package from the software center
Since you have sudo access, create a sudoers file for yourself, then delete it when the script is done:
# grant this user access to the sudo commands without passwords
# add all required cmds to the CMDS alias
sudo tee /etc/sudoers.d/$USER <<END
$USER $(hostname) = NOPASSWD: /usr/bin/apt-get, /usr/sbin/adduser, /bin/rm, ...
END
# your script goes here
sudo apt-get install ...
git clone ...
sudo adduser group2 $USER
sudo adduser group1 $USER
: ...
# then, remove the sudo access
sudo /bin/rm /etc/sudoers.d/$USER
sudo -k
Best Answer
The correct way to do it to setup
sudosuch that only the one specific command you need, i.e.echo date... > rtc..., is allowed to run WITHOUT needing the password.Step 1. Create a shell script with just that command
gedit(or your favorite editor), and create the script e.g.pydatertc.shStep 2. Set up sudo to allow
pydatertc.shto execute without requiring a passwordsudo visudoat the terminal to open the sudo permissions (sudoers) file%sudo ALL=(ALL:ALL) ALLusernameis your username:Step 3. Modify your python script to call
pydatertc.shos.system('sudo /home/username/pydatertc.sh')Now your script should run without requiring a password AND without compromising the security of your account, your data or your system!
Alternative only for
wakealarm(not for general use!):In this specific case only, since the
/sys/class/rtc/rtc0/wakealarmfile only controls the wake-up alarm for the system and is otherwise harmless, another alternative to avoid the password is either to take ownership of that file withchown(if you are the only user setting the alarm), or make it world-writeable withchmod +666; in that case, simply remove thesudofrom your Python call, leavingsh -c "...."intact.