Hallo zusammen,
ich versuche folgenden Befehl ohne sudo Passwort ausführbar zu machen, damit das Bash-Skript von cron ausgeführt werden kann.
1 2 3 4 5 6 7 8 9 10 | wolf@frida:~$ cat /usr/local/bin/backup #!/bin/sh #start backup to backup-server baerbel echo "starting backup hd_cloud: mysql, nextcloud, jellyfin data&config, fotos .." sudo rsync -avPe "ssh -i /home/wolf/.ssh/id_rsa" --delete --log-file=/home/wolf/rsync.log --exclude 'mysql/ib_logfile*' /home/wolf/hd_cloud/mysql wolf@baerbel.router.local:/home/wolf/hd_data01 [...] exit 0 |
Der cronjob führt als user "wolf" den befehl "backup" regelmäßig aus.
So schaut die sudoers Datei aus:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 | # # This file MUST be edited with the 'visudo' command as root. # # Please consider adding local content in /etc/sudoers.d/ instead of # directly modifying this file. # # See the man page for details on how to write a sudoers file. # Defaults env_reset Defaults mail_badpass Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin" # Host alias specification # User alias specification # Cmnd alias specification # User privilege specification root ALL=(ALL:ALL) ALL wolf ALL=(ALL) NOPASSWD: /usr/bin/rsync # Members of the admin group may gain root privileges %admin ALL=(ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL # See sudoers(5) for more information on "#include" directives: #includedir /etc/sudoers.d |
Trotzdem verlangt er beim ausführen von backup ein Passwort:
1 2 3 | wolf@frida:~$ backup starting backup hd_cloud: mysql, nextcloud, jellyfin data&config, fotos .. [sudo] password for wolf: |
Wo ist der Denkfehler?