
Custom Sudo Command


So this is an idea I just had for efficiency in scripting. I'm wondering if it is possible to make a custom command (i.e. jello) that has sudo privileges, but doesn't prompt for a password. I write a lot of scripts that require sudo permissions and don't like to type them in every time. I've been editing the sudoers file and making exceptions for these files. But I would really love it if this were possible, so I could just type this command in my scripts and it would run like it should without asking for a password.


Solution

  • One option is to use wildcards in your sudoers file (sudoers manpage).

    Note: You'll need to take suitable precautions with any strategy like this because you necessarily won't know all of the commands that you are granting access to ahead of time - some exploits and risks.

    If the risks are acceptable to you, then putting something like this into your /etc/sudoers file will allow you to add new commands of the same form and enable running of those commands without typing your password every time:

    me         ALL= NOPASSWD: /home/me/privil_scripts/priviledged_*.sh
    

    Make sure it isn't easy for other users to drop in extra scripts in this directory! Comments on keeping this secure most welcome.

    As a quick test:

    # create a directory with some files inside
    cd ~; mkdir nolook; touch nolook/f1; touch nolook/f2
    ls nolook
    >>> f1  f2
    # make it so a regular user can't see inside
    sudo chmod -R 700 nolook; sudo chown -R root:root nolook
    # test
    ls nolook
    >>> ls: cannot open directory nolook/: Permission denied
    

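    Now write privileged & unprivileged scripts:

    mkdir -p privil_scripts

    # file name matches the sudoers rule, so sudo runs it without a password
    # (single quotes keep bash from treating "!" as history expansion)
    printf '#!/bin/sh\nls nolook\n' > privil_scripts/priviledged_ls.sh
    chmod +x privil_scripts/priviledged_ls.sh
    
    # same contents, but the file name does not match the rule
    printf '#!/bin/sh\nls nolook\n' > privil_scripts/plain_ls.sh
    chmod +x privil_scripts/plain_ls.sh
    

    and try them:

    # drop any cached sudo credentials so the difference is visible
    sudo -k

    # the rule is matched against the full path, so call the scripts that way
    sudo ~/privil_scripts/priviledged_ls.sh
    >>> f1  f2
    
    sudo ~/privil_scripts/plain_ls.sh
    >>> [sudo] password for me: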
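
One way to check the precaution in the answer above (that other users cannot drop extra scripts into the directory), as an added example that is not part of the original answer. The function name `audit_sudo_glob` and its arguments are made up for this illustration, and it assumes a `find` that supports `-maxdepth`/`-mindepth` (GNU or BSD).

```shell
#!/bin/sh
# Added example: audit the directory that a sudoers wildcard rule points at.
# Usage: audit_sudo_glob DIR GLOB [OWNER]      (OWNER defaults to root)
# e.g.   audit_sudo_glob /home/me/privil_scripts 'priviledged_*.sh'
# Returns 0 when clean, 1 when something can be changed by a non-OWNER user,
# 2 when DIR is missing. Parent directories of DIR are not examined.
audit_sudo_glob() {
    asg_dir=$1
    asg_glob=$2
    asg_owner=${3:-root}

    [ -d "$asg_dir" ] || { echo "not a directory: $asg_dir" >&2; return 2; }

    # Anyone who can write to DIR can create a new file matching the glob,
    # which the NOPASSWD rule would then run as root. Flag DIR when it is a
    # symlink, owned by someone else, or group/world-writable.
    asg_bad_dir=$(find "$asg_dir" -maxdepth 0 \
        \( ! -type d -o ! -user "$asg_owner" -o -perm -020 -o -perm -002 \))

    # A sudoers wildcard in the file name does not match '/', so only direct
    # children of DIR can match. Each match must be a regular file (not a
    # symlink), owned by OWNER, and not group/world-writable.
    asg_bad_files=$(find "$asg_dir" -mindepth 1 -maxdepth 1 -name "$asg_glob" \
        \( ! -type f -o ! -user "$asg_owner" -o -perm -020 -o -perm -002 \))

    if [ -n "$asg_bad_dir" ]; then
        echo "directory not exclusively controlled by $asg_owner: $asg_bad_dir"
    fi
    if [ -n "$asg_bad_files" ]; then
        echo "matching scripts that others can modify or that are not regular files:"
        echo "$asg_bad_files"
    fi
    [ -z "$asg_bad_dir$asg_bad_files" ]
}

# Run the audit when arguments are given on the command line.
if [ "$#" -gt 0 ]; then
    audit_sudo_glob "$@"
fi
```

With the default owner of root, a scripts directory that is still owned by the ordinary user (as `/home/me/privil_scripts` is right after `mkdir`) is reported, because that user, or any process running as that user, can add a new matching script.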