Run a s script as root without sudo? Well I did and I’ll explain why and how in this little blog post.
I wanted to run a script on my Synology NAS through ssh, but I found out it needed sudo to run.
The script was to trigger a new render of my website. My website runs in a docker container and docker runs as root on linux, so in order to render I have to run a docker command and that needs sudo.
But how to do this without it?
On linux it is possible to run a script as root if you configure it through the
This command is not available on the Synology linux distro so I had to edit the
/etc/sudoers file myself.
This is tricky because if you make a mistake you can it could brake sudo. So before you make any changes there
I would advice to open multiple sessions to your nas and become on one of those sessions root (
sudo su) and
dot the work in the other session. That would at least give you an already started root session if
you break it in the other session, so you can fix stuff
now do the following:
Now before you leave this session as root try to become root in another session. If you can the config is correct,
if not revert your changes in this session
Now you have given yourself permission to run these programs / scripts as root without the need of the
In my script I had this command
/usr/local/bin/docker exec www.ivonet.nl hexo generate and that resulted in this error
So my command actually worked but some other stuff was wrong. Docker did not ask for a password or complain that it could not run.
No another file did have the wrong rights.
Time to define a group for docker.
now try running this script again.
it should work like a charm without the need of sudo.
I can now run a script like this and it will not ask me for a password.
of course you need public / private keys configured to log in with ssh without the need for a password, but that is another story I might already have blogged about 😄.
Note that users with such a script and belonging to the docker group could potentially execute root commands through docker containers
nothing would prevent such a user to mount / as a volume in his container and as docker runs as root you would have root access.
As I am the only user on my NAS it is not a problem, but something to think about if you have multiple users.
I hope that this will help you resolve your need if it arises :-)
If you have suggestions or just a thank you, you can always leave a comment below…