SOLVED Persist changes in /etc/local/sudoers for remote shutdown via SSH

E

elektropepi

Cadet
Joined
Feb 12, 2021
Messages
6
I want to write a program that remotely shuts down my TrueNAS server. When I enable sudo for the user myuser, the command ssh myuser@hostname -t "sudo poweroff" is actually enough.

But I don't want to give that user full sudo access, he should only be able to use the poweroff command. I can achieve this by modifying the /etc/local/sudoers file and adding the following line myuser ALL=(ALL) NOPASSWD: /sbin/poweroff. But as expected, this change isn't persisted over reboots.

How can I persist changes to the sudoer file (since more detailed sudo restrictions are not possible with TrueNAS configurations according to the source code)?
 
Samuel Tai

Samuel Tai

Never underestimate your own stupidity
Moderator
Joined
Apr 24, 2020
Messages
5,399
The simplest is to create an Init/Shutdown task, which runs Post Init, and appends the line you want to /etc/local/sudoers.
 
E

elektropepi

Cadet
Joined
Feb 12, 2021
Messages
6
Thanks for your response, I should try it this way.

I'm just quite unsure whether this could brick my installation, e.g. when a new TrueNAS update requires some line to be at the bottom of /etc/local/sudoers.
 
Samuel Tai

Samuel Tai

Never underestimate your own stupidity
Moderator
Joined
Apr 24, 2020
Messages
5,399
From what I've seen on my system, the GUI inserts entries at the top of /etc/local/sudoers, so you should be safe appending to the bottom.
 
You must log in or register to reply here.

Similar threads

J
  • Locked
/etc/sudoers modification with visudo does not persist after reboot
Replies
10
Views
5K
fracai
fracai
K
  • Locked
permission to execute poweroff with user other than root
Replies
2
Views
2K
Kei
K
A
sudoers: Including /usr/local/etc/sudoers.d
Replies
1
Views
1K
apiening
A
M
[Howto] rsync task with sudo on remote host
Replies
0
Views
3K
mahaha
M
FlyDiver
  • Locked
Help on remote
Replies
4
Views
2K
jgreco
jgreco
Top