sudoers script and file access

Post by gw1500se » 2019/07/20 14:01:53

I have a script that accesses a root-owned file. I have the script in sudoers and the suid bit set. However, when the script runs, it gets a permission denied error when trying to access that file. Since it is a suid script owned by root, should it not be running as root and have access to that script? Do I need to do something else with the script? TIA.

Post by TrevorH » 2019/07/20 14:58:53

Scripts can't have the suid bit set - well, they can but it's ignored. To get it to run via sudo you need to prefix the command with "sudo ".
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Post by gw1500se » 2019/07/20 20:19:16

The script is in the sudoers file so any user can run it without a password. The problem is the script needs to read a file with restricted access.

Post by TrevorH » 2019/07/21 12:31:20

So what command are you running when you have the problem with it not working with sudo? What exactly do you type?

Post by gw1500se » 2019/07/23 13:20:11

Not sure how this helps but the command is my script named 'VPNsudo.py'. That entry in sudoers is:

ALL ALL=NOPASSWD: /usr/local/bin/VPNsudo.py

That script needs to run as root (setuid bit) in order to access the restricted file it needs.

Post by TrevorH » 2019/07/23 13:57:21

Again, you cannot set the suid bit on a script. Well, you can set it but it is ignored.

So to do what you need to do you need to run sudo /usr/local/bin/VPNsudo.py

If you don't run it prefixed with sudo then it is not run via sudo so /etc/sudoers has no effect. It's not magic.
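
The points made in this thread can be checked mechanically. The following is an added example, not code from any poster: a shell function that flags a setuid bit on a `#!` script (which Linux ignores) and the file permissions that matter once sudoers lets users run that script as root. The function name `audit_sudo_script` and its finding labels are hypothetical, and GNU coreutils (`stat -c`, `head -c`) is assumed, as on CentOS.

```shell
#!/bin/sh
# Added example (not from the thread): audit a script that sudoers allows
# users to run as root. audit_sudo_script and its finding labels are
# hypothetical names. Assumes GNU coreutils (stat -c, head -c), as on CentOS.

audit_sudo_script() {
    f=$1
    if [ ! -f "$f" ]; then
        echo "MISSING"
        return 2
    fi
    findings=0

    # Linux honours the setuid bit only on binary executables. On a file
    # that starts with "#!" the bit is ignored, so it grants nothing and
    # only suggests a privilege the script never gets.
    if [ -u "$f" ] && [ "$(head -c 2 "$f")" = "#!" ]; then
        echo "SUID_IGNORED_ON_SCRIPT"
        findings=$((findings + 1))
    fi

    # With a rule like "ALL ALL=NOPASSWD: <script>", whoever can edit the
    # script can run arbitrary code as root: flag group/other write bits.
    mode=$(stat -c '%a' "$f")
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "WRITABLE_BY_NON_OWNER"
        findings=$((findings + 1))
    fi

    # The same applies when the file belongs to an unprivileged account.
    if [ "$(stat -c '%u' "$f")" -ne 0 ]; then
        echo "NOT_ROOT_OWNED"
        findings=$((findings + 1))
    fi

    # Exit status 0 only when nothing was flagged.
    [ "$findings" -eq 0 ]
}
```

Calling `audit_sudo_script /usr/local/bin/VPNsudo.py` prints one label per finding and returns non-zero if any were found.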
