Time to time I usually find myself typing sudo to execute commands requiring sudo rights, and this is repetitive which simply means one gets weary of typing sudo password every time, hence this blog post. Reason for this is to remind me how to do it the next time I am faced with such conundrum(s).

Suppose I wanted to add a group of users who are allowed to run mount and umount without passwords. So I first want to add a group called "staff"

[sourcecode language="bash"]
sudo groupadd staff
[/sourcecode]
Next we need to edit the /etc/group and add the users

[sourcecode language="bash"]
staff:407:
[/sourcecode]
will be present ,hence append users you want to add the users separated by commas.

[sourcecode language="bash"]
staff:x:407:user1,user2,...
[/sourcecode]
Now we need to configure sudo to allow members of the "staff" group to actually invoke the mount and umount commands.

You just need to add the following lines to /etc/sudoers or execute sudo visudo

[sourcecode language="bash"]
%staff ALL=NOPASSWD: /sbin/mount, /sbin/umount
[/sourcecode]
Now sudo mount won't ask password but since it is a pain in the butt typing sudo all the time, we can avoid it by doing the following:

I can create the following script called "/usr/bin/mount" (and similar script for umount)

[sourcecode language="bash"]
#! /bin/sh
sudo /sbin/mount $*
[/sourcecode]
To make this slightly more secure, We might want to change the ownership of these scripts to the "staff" group.

[sourcecode language="bash"]
chgrp staff /usr/bin/mount /usr/bin/umount
[/sourcecode]
and then make them executable only for the group "staff"

[sourcecode language="bash"]
chmod g+x /usr/bin/mount /usr/bin/umount
[/sourcecode]
Note:Depending on the OS you are using please check where mount and umount commands are located. It might be in /bin/ instead of /sbin.
So you might have to make necessary changes

 

Done