Old 03-03-2002, 07:24 PM   #1
meancode
Triple-A Player
 
Join Date: Jan 2002
Location: Bowling Green, Ohio
Posts: 212
use sudo command but NOT be in 'admin' or 'wheel'

related thread (http://forums.macosxhints.com/showth...&threadid=1360) i concocted an AppleScript to change the startup system folder. only problem is 'bless' needs to be run as root. and if the user is not set up with admin privs, it cannot use the sudo command b/c they are in the wrong group. i realize this is a security measure, but is there a way around this? so that i can have my script and eat it too. i would like to be able to run the script as a non admin. can anyone help? i posted this separately b/c it is more or less a general question for any command that requires to be run as root.
__________________
Ken Edwards
Breaking Windows (Personal Blog)
Old 03-03-2002, 07:48 PM   #2
maclaw
Prospect
 
Join Date: Jan 2002
Posts: 35
you can add additional users or groups to the sudoers file (using visudo) but giving sudo privileges to a non-admin is (as you suggested) a major security risk. In fact, it sort of defeats the whole purpose of using a non-admin user account.
Old 03-03-2002, 08:29 PM   #3
mervTormel
League Commissioner
 
Join Date: Jan 2002
Posts: 5,536
you can add your user to the sudoers file AND specify which commands they are allowed to run...

user host=command(s)

# User privilege specification
root ALL=(ALL) ALL
%admin ALL=(ALL) ALL
betty saturn=/usr/sbin/bless,/sbin/shutdown

gives user betty on host saturn the ability to run bless and shutdown

check the sudoers man pages for exact syntax and test test test on a test user
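A small audit of the `user host=command(s)` form shown in the post above, as an added example that is not part of the original thread: it flags every grant that is wider than one exact command line, since sudoers accepts any arguments for a command listed without them. It assumes single-line specifications (no backslash continuations, no alias expansion); the `carol` line is constructed for contrast.

```python
import re

# Simple user specification as in the post: who host=[(runas)] cmd[,cmd...]
SPEC = re.compile(r'^(\S+)\s+([^=\s]+)\s*=\s*(?:\([^)]*\)\s*)?(.+)$')
SKIP = re.compile(r'^(Defaults|\w+_Alias)\b')   # settings and aliases, not grants
TAGS = re.compile(r'^(?:[A-Z_]+:\s*)+')          # e.g. NOPASSWD:

def classify(cmd):
    """Return why a sudoers command entry is wider than one exact command line."""
    if cmd == 'ALL':
        return 'any command'
    if not cmd.startswith('/'):
        return 'alias or non-path entry, review by hand'
    if re.search(r'[*?\[]', cmd):
        return 'wildcard in command or arguments'
    if ' ' not in cmd:
        # sudoers rule: no arguments listed means any arguments are accepted;
        # listing arguments (or "" for none) pins the command line.
        return 'any arguments accepted'
    return None

def audit_sudoers(text):
    """Return (who, command, finding) tuples for single-line user specifications."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith('#') or SKIP.match(line):
            continue
        m = SPEC.match(line)
        if not m:
            continue
        who, _host, cmds = m.groups()
        for cmd in re.split(r'(?<!\\),', cmds):   # "\," is a literal comma
            cmd = TAGS.sub('', cmd.strip())
            reason = classify(cmd)
            if reason:
                findings.append((who, cmd, reason))
    return findings

# The first four lines are from the post; the carol line is constructed.
SAMPLE = """\
# User privilege specification
root ALL=(ALL) ALL
%admin ALL=(ALL) ALL
betty saturn=/usr/sbin/bless,/sbin/shutdown
carol saturn=/sbin/shutdown -h now
"""

if __name__ == "__main__":
    for who, cmd, reason in audit_sudoers(SAMPLE):
        print(f"{who}: {cmd}: {reason}")
```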
Old 03-05-2002, 11:45 AM   #4
WillyT
Major Leaguer
 
Join Date: Jan 2002
Location: Midwest Not quite Normal
Posts: 416
su to admin account

If you're logged in to a non-admin account you can su to your admin account and sudo from there.

Not as elegant as adding to sudoers list but great for fixing things while testing or assisting another account.

But remember to exit if you're doing an assist.

Another possibility is to have the script run as setuid.

Code:
sudo chmod 4755 TheScript
Be careful here as I believe the WHOLE script will run as root.
So you may want to make just the one root command in a script and call it from another.

Last edited by WillyT; 03-05-2002 at 12:08 PM.
All times are GMT -5.