Adding users to sudoers through shell script

问题

Is it possible to add users to the sudoers file through a shell script? I've been looking around, still can't find anything.

回答1:

You could simply echo (with elevated privileges, of course) directly to the /etc/sudoers file:

sudo -i
echo 'nickw444  ALL=(ALL:ALL) ALL' >> /etc/sudoers
#             ^^
#             tab

(note the tab character between the username and the first ALL)

Or, for a script:

#!/bin/bash
# Run me with superuser privileges
echo 'nickw444  ALL=(ALL:ALL) ALL' >> /etc/sudoers

Then save to somefile.sh, chmod a+rx it, and run sudo ./somefile.sh from a terminal window.

To add multiple users, change the script to this;

#!/bin/bash

while [[ -n $1 ]]; do
    echo "$1    ALL=(ALL:ALL) ALL" >> /etc/sudoers;
    shift # shift all parameters;
done

Then, run the script like this (assuming you saved it as addsudousers.sh):

sudo ./addsudousers.sh bob joe jeff

that is, space-separated.

To read the names from a file:

nickw444@laptop ~ $ sudo ./addsudousers.sh `cat listofusers.txt`

listofusers.txt should also be space-separated.

Edit: Jappie Kirk rightly points out that you can't directly call sudo echo ... >> /etc/sudoers because the >> redirection is handled by the shell, which has by that point dropped the superuser privileges. However, if you run a script that contains echo ... >> /etc/sudoers and the script itself has superuser privileges, everything should work just fine.

回答2:

No, a straight echo won't work, you have to run it in a subshell. Try this instead:

sudo sh -c "echo \"group ALL=(user) NOPASSWD: ALL\" >> /etc/sudoers"

回答3:

There is also the sudo group, and you could add users to it (for common configurations of /etc/sudoers)

adduser [username] sudo

回答4:

on RedHat Based Distributions use:

su - root

and enter your password, then :

echo 'YOURUSERNAME ALL=(ALL:ALL) ALL' >> /etc/sudoers

to add the user in sudoers file.

回答5:

Login as root to your machine. The root user are the only one who has privilege to add new user.

Once you logged-in, you may now try the following commands below:

1. Create a new user.

   adduser [username]

2. Add password to user

   passwd [username]

3. Grant root privileges to user Edit the visudo file by simply typing

   enter code here

Find the following line of code: root ALL=(ALL) ALL

Then add this code below:

[username] ALL=(ALL) ALL

The original post will find on this link Centos 6 – Creating sudoers user

回答6:

Other answers such as spawning a subshell will work, but may not work if you want to use environmental vars. One alternative I found played really nicely for me:

echo "%<user>      ALL=(ALL) ALL" | sudo tee -a /etc/sudoers > /dev/null

This being said, hindsight is 20/20... If modifying sudoers via a script and not via visudo I would seriously recommend creating a backup with the right file permissions and contents first since you can lose access to any sudo rights without pkexec, physical access or a reboot etc.

sudo cp /etc/sudoers /etc/sudoers.bak

回答7:

Single line to create user with password and in sudo group.

useradd -p $(openssl passwd -1 PASSWORD) USERNAME -s /bin/bash -G sudo

回答8:

In order to grant to user sudo permission in shell script (Unix/Linux) use the usermod function:

sudo usermod -aG sudo <userName>

example:

sudo usermod -aG sudo johnDoe

For Verification: use the groups function ( which show the group membership ) and verify the sudo group us under the right user.

groups <userName>

example:

groups johnDoe
#!johnDoe: johnDoe sudo

Explanation from linux documentation:

The usermod command modifies the system account files to reflect the changes that are specified on the command line.

-a, --append

Add the user to the supplementary group(s). Use only with the -G option.

-G, --groups GROUP1[,GROUP2,...[,GROUPN]]]

A list of supplementary groups which the user is also a member of. Each group is ?> separated from the next by a comma, with no intervening whitespace. The groups are subject to the same restrictions as the group given with the -g option. If the user is currently a member of a group which is not listed, the user will be removed from the group. This behaviour can be changed via the -a option, which appends the user to the current supplementary group list.

来源：https://stackoverflow.com/questions/8784761/adding-users-to-sudoers-through-shell-script