Open In App

Shell Script to Give Root Privileges to a User

Improve
Improve
Like Article
Like
Save
Share
Report

The sudo command is the most powerful command in Linux. It provides a mechanism for granting administrator privileges, using administrator privileges a normal user can do whatever he wants with the file system of the installed Linux system. Using sudo we can modify our system.

Method  1: Adding to Root Group using usermod

usermod command in Linux is used to modify the user account. Using usermod command we can assign groups, permissions to a specific user. There are mainly 7 groups in the Linux file system, these are as follows:

  • root
  • bin
  • daemon
  • sys
  • adm
  • disk
  • wheel

To add a user to root using usermod, we have to run the following command in the terminal.

usermod -G root user

Here, the –G flag stands for Group and the root is the group for new user1.

To add an existing user to the root group, follow the following command:

usermod -g 0 -o user

Here, the -g flag stands for Group id, and 0 represents the root group id, and the -o flag is for the existing user.

Method  2: Adding to Root Group using useradd Command

useradd command can be used to create a new user or update default new user information. It is a low-level utility for adding users. To add a user to the group using the useradd command, simply run the following command in your terminal.

useradd -m -G root user

Here, the –m flag is used to create the user’s home directory if it does not exist, and the -G flag represents the group.

Method  3: Editing /etc/passwd file

Open up the passwd file using any text editor, and change the group user id to 0  which represents root permission.

Run the following command in the terminal :

nano /etc/passwd

Then modify the following permission for the user whom you want to give root access to.

Before giving root permissions:

root:x:0:0:root:/root:/bin/bash
user:128:128:user

After giving root permissions

root:x:0:0:root:/root:/bin/bash
user:0:0:user

Here, if you see clearly we have modified line 2 that has the user whom we want to give root access, previously it has a value of 128 which is not a group ID for root. So we modified that line and replace the value with the 0, which represents the root group. After that, save the file and reboot your system.

Method 4: Setting as Sudo User 

To add a user to sudo user, we can modify the sudoers file located at /etc/sudoers. Open up the sudoers file using any text editor and add the following line at the end of the file to add a user to the sudo user.

user ALL=(ALL) ALL

Here, ALL represents that we are giving all(full permissions) to the user i.e. the user can run any command and the user just has to authenticate.

  • The first ALL is all hosts. i.e. if you have shared this sudoers file to many computers 
  • The second ALL is the user as you are running the command
  • The third ALL is that user can run the command.

Method 5: To give root privileges to a user using a script

To give root privileges to a user while executing a shell script, we can use the sudo bash command with the shebang. This will run the shell script as a root user. 

Example:

#!/usr/bin/sudo bash
 ....
 The rest of the shell script goes here
 ....

Shell Script to make directory using root privileges:

#!/usr/bin/sudo bash
echo "Enter a directory name"
read newdir
`mkdir $newdir`

Save the above script as geeks.sh, to run the script type the following command in the terminal:

sh geeks.sh

Output:

Created using root 

Method 6: Using an interactive dialog box

We can use a tool called whiptail to create an interactive dialog box. To install this tool, run the following command in your terminal:

sudo apt install whiptail

Script:

#!/usr/bin/bash

# saving user's name in me variable
me="$(whoami)"

# Checking that the script is running as root.
# entering in if case
if [ "$(id -nu)" != "root" ]; then

    # resetting cached credentials
    sudo --reset-timestamp

    # creating a dialog box to enter user password 
    pswd=$(whiptail --title "GeeksforGeeks Authentication Script" \
    --passwordbox "To run this script, administrative privilege is \
    required. \n[sudo] Password for user $me:" 14 52 3>&2 2>&1 1>&3-)
    
    # executing the script with the password entered by user
    exec sudo --stdin --prompt '' "$0" "$@" <<< "$pswd"

    # if password is wrong it will return the status code 1
    exit 1

# exiting from if condition
fi

# Here, we will do the stuff that only sudo user can do 

# creating a folder under the user's directory
path="/home/amninder/new_folder_Geeks"

mkdir $path

echo "Folder Created!!"

Output:

using dialog box

In this script firstly we have created an interactive dialog prompt box for the user to enter the sudo password, then running the script with sudo permissions. Firstly, we are saving the user’s name in me variable for displaying the name in the interactive dialog box. Then using the id command with the if statement we’re checking if the running script is using the root permission, if not we are entering the if statement. Using sudo –reset-timestamp will clear the previously saved credentials and ask for the root password again. Then we have used the whiptail command to add a title, a password box in the interactive dialog box. Here 14 and 52 are the height and width of the dialog box respectively.

3>&2 2>&1 1>&3-“, we are swapping stdout and stderr.

Here,

0 – stdin

1 – stdout

2 – stderr

3 – stdout

 The 3>&2 in the script will create a new file descriptor and redirect it to 2 which is stderr. Now 2>&1 will redirect the file descriptor 2 to stdout and 1>&3 will redirect file descriptor 1 to 3 which is stdout. And save the password into pswd variable.

If the user enters the wrong password 3 times, we are exiting the script and displaying exit code 1. And after finishing the if block, we can do the stuff that needs root permission. In this script, we are creating a folder after getting root permission.


Last Updated : 17 Oct, 2021
Like Article
Save Article
Previous
Next
Share your thoughts in the comments
Similar Reads