Linux Scripting Help - Run Script With Root Privileges

DanRoM

Forum Addict
Joined
Feb 27, 2009
Messages
8,040
Location
Ruhr Area, Germany
Car(s)
MX-5 ND, CBF1000 & two bikes
Note: The scripts in this question post are obsolete by the solution posted a few posts below.

I need some help with a Linux script and I hope there are maybe some people here who can help me. Because I'd rather not open an account on StackOverflow or something. ;)

Situation: I have a laptop, and that per definition is mobile. I also have files stored on my NAS at home. So I want to mount the NAS directories after login if the machine is connected to my home network.

System is Ubuntu 18.04, but my approach should be very generic...

The mounting itself is done via CIFS as defined in my /etc/hosts:
Code:
//<nas-hostname>/<nas-directory>      /mnt/<mountpoint>  cifs uid=<username>,gid=users,rw,credentials=<path-to-credential-file>        0       0
This part works fine, or well it would work fine if the laptop had network at the time when fstab is run through.

The manual solution is to execute
Code:
sudo mount -a
after login (and with being connected to the network).
Obviously, I want to automate that.

So... my approach:
  • a "global" script that wraps the mount command:
    Code:
    #!/bin/sh
    
    /usr/bin/sudo /bin/mount -a
    
    exit 0
    Saved this way (with setuid bit):
    Code:
    ~> ll /usr/local/bin/mountall.sh
    -rwsr-x--- 1 root nasmounters 287 Jun 11 22:38 /usr/local/bin/mountall.sh*
  • an entry in sudoers:
    Code:
    # NAS mounting for selected users
    %nasmounters ALL=(root) NOPASSWD: /usr/local/bin/mountall.sh
    and my user obviously is a member of the nasmounters group.
  • a "local" script in my user's ~/bin:
    Code:
    #!/bin/sh
    
    nashost=<nas-hostname>
    networksuffix=<common-network-suffix-for-all-hosts>
    
    log=~/bin/nas-mount.log
    
    if host $nashost|grep -q $nashost$networksuffix
    then
            sudo /usr/local/bin/mountall.sh
    fi
    
    exit 0
    Saved normally with 700 privileges.
To my understanding (and also explained here on superuser.com), this should enable me to invoke the mount -a command without being prompted for my password by using the scripts (sudo nas-mount.sh or sudo /usr/local/bin/mountall.sh).
However, I'm asked for my password both when I want to run the "local" script as well when I try the "global" one. Providing that, everything works out, meaning the script chain as such works. But a password prompt is obviously a showstopper in a script that's intended to be run in the background via autostart.

Any ideas?
 
Last edited:

prizrak

Forum Addict
Joined
Apr 2, 2007
Messages
20,737
Location
No, sleep, till, BROOKLYN
Car(s)
11 Xterra Pro-4x, 12 'stang GT
Unless your username is %nasmounters when you invoke your local script it is run with the wrong user so it will ask for password. Try modifying the command to run as
Code:
sudo %nasmounters -c "<script goes here>"
Might have to add no password into sudoers for your user to be able to execute commands as mounter without entering pass.

Alternatively set up root keys from another machine on your network to your laptop and have it run a cron job that would try to mount your drives on your laptop every min or so.
 

thevictor390

Teen Wankeler
Joined
Mar 9, 2007
Messages
11,864
Location
Massachusetts
Car(s)
'17 Mazda MX-5 RF, '89 Toyota Blizzard SX5
%nasmounters is a group name so he would just need to be part of that group (maybe double-check this).
This is something I would normally tailor to the operating system, last time I had to do it I was using a system with Gnome and I simply added the commands to ".bashrc" in my home directory.
 

prizrak

Forum Addict
Joined
Apr 2, 2007
Messages
20,737
Location
No, sleep, till, BROOKLYN
Car(s)
11 Xterra Pro-4x, 12 'stang GT
Not sure how it would handle groups, never actually tested it.

I did test the change in sudoers on my box just now and I still get a password prompt for sudo even with "NOPASSWD" directive.
 

thevictor390

Teen Wankeler
Joined
Mar 9, 2007
Messages
11,864
Location
Massachusetts
Car(s)
'17 Mazda MX-5 RF, '89 Toyota Blizzard SX5
Groups are totally valid, there should even be an example in the default file. I've pretty much always had NOPASSWD: ALL on my personal box... might be worth setting sudoers to be very open and seeing if it works, then gradually closing it off. i.e.
Code:
%nasmounters ALL=(ALL) NOPASSWD: ALL
 

DanRoM

Forum Addict
Joined
Feb 27, 2009
Messages
8,040
Location
Ruhr Area, Germany
Car(s)
MX-5 ND, CBF1000 & two bikes
Thanks for the replies. Unfortunately, none of them helped.... but fortunately, that lead me to doing it properly. So thanks anyway. :D :)

I ditched the whole approach after I found out about NetworkManager being able to run dispatcher scripts (explained in German with some examples here on the UbuntuUsers wiki or in English here on gnome.org).

So, the (hopefully) clean approach to the problem: Create a script that is run by the system upon a change in network status. It has to be saved in the NetworkManager configuration directory:
Code:
~> ll /etc/NetworkManager/dispatcher.d/10*
-rwxr--r-- 1 root root 1,1K Jun 12 22:34 /etc/NetworkManager/dispatcher.d/10-mountnas*
and has the following content:
Code:
#!/bin/sh -e
#
# Script mounts the NAS directories if the machine is connected to the same
# network as the NAS server "<hostname>" (by just mounting everything in 
# /etc/fstab).
# It also unmounts the mountpoints for video and music if the machine is no
# longer connected to a network.

INTERFACE=$1
ACTION=$2

NASHOST=<hostname>
NETWORKSUFFIX=<suffix-common-to-all-machines-in-my-home-network>

MOUNTBASEDIR=/mnt/
MOUNTPREFIX=nas-
MUSIC=music
VIDEO=video

if [ $ACTION = "up" ]
then
        /usr/bin/logger "Network detected on interface $INTERFACE... checking for $NASHOST presence."
        if /usr/bin/host $NASHOST | /bin/grep -q $NASHOST$NETWORKSUFFIX
        then
                /usr/bin/logger "$NASHOST present. Mounting all unmounted fstab entries..."
                /bin/mount -a
                /usr/bin/logger "...mounting successful."
        fi
fi

if [ $ACTION = "down" ]
then
        /usr/bin/logger "Network interface $INTERFACE disconnected. Unmounting NAS directories..."
        /bin/umount $MOUNTBASEDIR$MOUNTPREFIX$MUSIC
        /bin/umount $MOUNTBASEDIR$MOUNTPREFIX$VIDEO
        /usr/bin/logger "...unmounting successful."
fi

exit 0
Now, this is still somewhat delicate about the network just being gone (unplugging the laptop from the docking station...), but the automatic mounting works. I can live with that for now. :)
 
Top