How to Run Shell Scripts with Sudo Command in Linux

sudo is a powerful command line tool that enables a “permitted user” to run a command as another user (the superuser by default), as defined by a security policy. On most if not all Linux systems, the security policy is driven by the /etc/sudoers file.

Read Also: 10 Useful Sudoers Configurations for Setting ‘sudo’ in Linux

Therefore, to run a shell script or program as root, you need to use sudo command. However, sudo only recognizes and runs commands that exist in directories specified in the secure_path in the /etc/sudoers, unless a command is present in the secure_path, you’ll counter an error such as the one below.

This will happen even if the script exists in a directory in the PATH environmental variable, because when a user invokes sudo, PATH is replaced with secure_path.

$ echo  $PATH
$ ls  -l
$ sudo proconport.sh 80
Sudo Error While Running Script
Sudo Error While Running Script

In the above scenario, the directory /home/aaronkilik/bin is in the PATH environment variable and we are trying to run the script /home/aaronkilik/bin/proconport.sh (finds process listening on a port) with root privileges.

Then we encountered the error “sudo: proconport.sh: command not found”, since /home/aaronkilik/bin is not in the sudo secure_path as shown in next screenshot.

Check Sudo Secure Path
Check Sudo Secure Path

To fix this, we need to add the directory containing our scripts in the sudo secure_path by using the visudo command by editing /etc/sudoers file as follows.

$ sudo visudo

Attention: This method has serious security implications especially on servers running on the Internet. This way, we risk exposing our systems to various attacks, because an attacker who manages to gain access to an unsecure (without superuser privileges) directory that has been added to secure_path, can run a malicious script/program with sudo command.

For security reason, do check out the following article from the sudo website explains a vulnerability relating to secure_path: https://www.sudo.ws/sudo/alerts/secure_path.html

Preferably, we can provide the absolute path to a script while running it with sudo:

$ sudo ./proconport.sh 80
Run Script Using Sudo Command
Run Script Using Sudo Command

That’s It! You may follow list of articles about sudo command:

  1. How to Run ‘sudo’ Command Without Entering a Password in Linux
  2. How to Keep ‘sudo’ Password Timeout Session Longer in Linux
  3. How to Fix “Username is not in the sudoers file. This incident will be reported” in Ubuntu
  4. Let Sudo Insult You When You Enter Incorrect Password

If you have any questions or thoughts concerning this article, share with us via the comment form below.

Tutorial Feedback...
Was this article helpful? If you don't find this article helpful or found some outdated info, issue or a typo, do post your valuable feedback or suggestions in the comments to help improve this article...

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

Support Us

We are thankful for your never ending support.

5 thoughts on “How to Run Shell Scripts with Sudo Command in Linux”

  1. Sure would have been nice to include *HOW* to “edit with visudo” in this tutorial.

    The program seems to have zero instructions, and most folks will have never used it before.

    Reply
  2. I seem to always turn to tecmint for just about everything. Thanks for all you do. This has become my main go to site.

    Reply
  3. Thanks – I learned something today. :)

    However, hoping you might be able to advise why this occurs?

    $ sudo cat /etc/sudoers | grep secure_path
    Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
    $ sudo echo $secure_path
    

    No output? Shouldn’t $secure_path be set?

    Reply

Got something to say? Join the discussion.

Have a question or suggestion? Please leave a comment to start the discussion. Please keep in mind that all comments are moderated and your email address will NOT be published.