How to create a script and add it in /etc/sudoers with NOPASSWD

Question

It is a home computer, with no other users using it.

Could someone give a helping hand to create scripts for every each following commands:

echo 100 > /sys/class/backlight/intel_backlight/brightness

ethtool -s eth0 autoneg off speed 100 duplex full

dhclient eth0

apt-get update && apt-get upgrade && apt-get dist-upgrade -y

apt-get autoremove && remove && clean && autoclean -y

Adding each script in

/etc/sudoers

ALL=(ALL:ALL) ALL you ALL=(ALL:ALL) NOPASSWD: /usr/local/sbin/myscript.sh 

So, there will never be need again the sudo password when using these commands.

Or, if you have any other more straight, simple, faster, more minimal way to achieve the request.

Answer 1

The genesis of the sudo feature was to create and restrict root abilities for selected mortal users. Also to create a logged audit trail to look at in case someone broke something using root access. Prior to that time, many users and administrators would log on as root and do all of their work in a root privileged shell whether they needed those capabilities or not. It was not uncommon to log on to a server and see many dozens of root logins from many different terminals. Obviously, this led to chaos.

The only major risk that I see for what you are proposing is that if someone hacks into your account they would have increased access to root owned files and commands. If you have telnet disabled and ssh locked down securely, those risk would be minimized. As a systems administrator for many decades I always advise against circumventing security models but what you want to do, in the context of a limited access home environment is probably relatively safe.

That said, if you are unfamiliar with writing scripts or programming generally, writing a script to bypass sudo security as a first scripting effort is probably ill advised. Unless you write your script in a very clever way, someone could very well come along and figure out your password and / or exploit your script to do bad things.

The easiest, but not at all the wisest way to accomplish what you want is to basically log in as root. This would effectively bypass sudo in that shell.

sudo su

enter your password

Your prompt will change from $ to #

whoami

Verify that you are indeed root

I would use this shell ONLY for commands that require root access. Do NOT use it for day-to-day mortal user operations. You WILL eventually break something accidentally. All experienced Sys Admins have at one time or another.

Answer 2

It seems that these steps resolved this case:

sudo su

Create /usr/local/bin/scriptname and write the beyond lines in it:

#!/bin/bash

command in here without sudo

# the end of the script's name

_

Create /etc/sudoers.d/scriptname and write the following lines in it:

User_Alias scriptname=username
Cmnd_Alias scriptabreviaton=/usr/local/bin/scriptname
scriptname ALL=NOPASSWD: scriptabreviaton

Add at the end of /etc/sudoers the next two lines:

username ALL=(ALL:ALL) ALL
username ALL=(ALL:ALL) NOPASSWD: /usr/local/bin/scriptname

_

chown root:root /etc/sudoers.d/scriptname
chown root:root /usr/local/bin/scriptname
chmod 0700 /usr/local/bin/scriptname
chmod 0440 /etc/sudoers.d/scriptname

_

From the regular user name:

sudo /usr/local/bin/scriptname

It shouldn't ask for sudo password any more.

Everywhere when it is written "scriptname", "usernme", "scriptabreviaton" every each of them should be the same.