Ubuntu – Make executable bash script run with sudo privileges


Ubuntu 18.04 Gnome de.

I made a simple bash script file that flags my next reboot to choose the windows grub entry. For quick rebooting into windows straight from Linux DE.

The problem is I have to use dconf to modify executable files to ask, so I can click run in terminal where it automatically asks for password. Otherwise, just executing the file does nothing, bc it's waiting for a password input.

Is there a way to run a bash script file like this with inherent sudo privileges so it doesn't need to ask for a password?

EDIT (even though it's directed at @waltinator, because comment formatting is atrocious):

So would


be the location and name of my bash script file? for example, my bash script file is named restart2windows and is located on my desktop:


so I would just need to add this line to /etc/sudoers (I'm still unclear on editing that file, using visudo, and whether I should edit sudoers.d as advised):

myusername     mymachinename = NOPASSWD: /home/myusername/Desktop/restart2windows

Would this be correct?


I tried editing sudoers via visudo:

sudo visudo

and added the line I suggested above, below the commented line:

#includedir /etc/sudoers.d

and then tried to run my bash script file from my desktop, and it did nothing. If I choose to run it in the terminal, the terminal is waiting for a password input.

Here is my bash script file contents, very simple:

sudo grub-reboot 2
sudo reboot now

Found this question here and it appears that I need to add sudo somewhere in there? I'm confused by that answer to that question because his line of code from the OP does not match the OP's.

Edit 3:

I submitted this same post in Ubuntuforums.org as well: https://ubuntuforums.org/showthread.php?t=2434878

Best Answer

Read man sudoers - it will let you grant passwordless access to a single command. Read man visudo, too.

From the man page:


   By default, sudo requires that a user authenticate him or herself before running a
   command.  This behavior can be modified via the NOPASSWD tag.  Like a Runas_Spec, the
   NOPASSWD tag sets a default for the commands that follow it in the Cmnd_Spec_List.
   Conversely, the PASSWD tag can be used to reverse things.  For example:

   ray     rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm

   would allow the user ray to run /bin/kill, /bin/ls, and /usr/bin/lprm as root on the
   machine rushmore without authenticating himself.  If we only want ray to be able to run
   /bin/kill without a password the entry would be:

   ray     rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm

   Note, however, that the PASSWD tag has no effect on users who are in the group specified
   by the exempt_group option.

Also, I'll note that "making an existing bash script run as root" is the beginning of many very sad security tales.

Rather than making the script run as root, allow your user passwordless access to the ( full path of ) the 2 commands in your script.