60

I need to run a shell script in Jenkins as root instead of the default user. What do I need to change?

My sudoers file is like this:

# User privilege specification
root    ALL=(ALL) ALL
igx     ALL=(ALL) ALL
%wheel  ALL=(ALL) ALL

# Allow members of group sudo to execute any command
# (Note that later entries override this, so you might need to move
%sudo   ALL=(ALL) ALL
#
#includedir /etc/sudoers.d

# Members of the admin group may gain root privileges
%admin  ALL=(ALL) NOPASSWD:ALL
root    ALL=(ALL) ALL
jenkins ALL=NOPASSWD: /var/lib/jenkins/workspace/ing00112/trunk/source/
jenkins ALL=(ALL) NOPASSWD:ALL
#Defaults:jenkins !requiretty
Rob Bajorek
  • 6,382
  • 7
  • 44
  • 51
Mahesh
  • 705
  • 3
  • 8
  • 17
  • possible duplicate of [how to run jenkins as super user?](http://stackoverflow.com/questions/11841140/how-to-run-jenkins-as-super-user) – Mark O'Connor Aug 09 '12 at 23:36

5 Answers5

98

You must run the script using sudo:

sudo /path/to/script

But before you must allow jenkins to run the script in /etc/sudoers.

jenkins    ALL = NOPASSWD: /path/to/script
kta
  • 19,412
  • 7
  • 65
  • 47
Igor Chubin
  • 61,765
  • 13
  • 122
  • 144
  • @Igore Thanks ... You are 100% correct ... And i used expect command to run script as a super user :) – Mahesh Jan 17 '13 at 07:09
  • 3
    If you want to execute shell script change to: "jenkins ALL=NOPASSWD: /bin/sh, /path/to/script" and then you can run "sudo sh /path/to/script" – TroodoN-Mike Sep 02 '14 at 16:21
  • 2
    for use only a command the link http://www.atrixnet.com/allow-an-unprivileged-user-to-run-a-certain-command-with-sudo/ can help; im my case I needed to use not a script but a command 'scp'; you tips were helpful too; thx – Yauhen Mar 15 '15 at 20:15
  • That executes an script as sudo but not as root, which is not the same for some cases. – VicoMan May 04 '15 at 14:00
  • Do you mean /etc/sudoers.d/ directory? I only find a README file there... where do I add that line? – nirvanaswap Jul 06 '16 at 18:54
  • 1
    @nirvanaswap: sudoers.d is a directory with files that are automatically included in /etc/sudoers – Igor Chubin Jul 07 '16 at 06:46
  • 2
    @Igor Chubin's answer is 100% correct, but never open sudoer file with a normal editor. always use visudo `sudo visudo`. This will take you to /etc/sudoers and upon saving it will make sure that there is no error in formatting.f you make an error in sudoer file, you will lose sudo access, so always use visudo – Lav Patel Sep 01 '17 at 14:26
  • @contactlp: But I didnt't state that we use a normal editot to edit /etc/sudoers. I just said that we need this line in this file – Igor Chubin Sep 06 '17 at 02:01
21

@Igor Chubin's answer is 100% correct, but never open sudoer file with a normal editor. always use visudo

just type 

sudo visudo

this will take you to /etc/sudoers and upon saving it will make sure that there is no error in formatting.

if you make an error in sudoer file, you will lose sudo access, so always use visudo

Lav Patel
  • 1,027
  • 1
  • 8
  • 12
7

I do realise I'm late to the party on this question, but for reference sake I thought I'd throw my 2c in here: I use the SSH plugin for Jenkins to accomplish this (simply configure a localhost target). In this way, I can contain the script directly within Jenkins (like a normal "Execute shell" step), instead of using sudo to invoke an external script.

Nathan Crause
  • 874
  • 10
  • 7
2

Try adding jenkins user to sudo group

sudo su -
usermod -a -G sudo jenkins
edbighead
  • 5,607
  • 5
  • 29
  • 35
user13749276
  • 21
  • 1
1

Easy way to do it
enter image description here

$ sudo visudo
## Now add the below lines in your sudoers file :
jenkins ALL=(ALL) NOPASSWD: ALL

$service jenkins start
Willie Cheng
  • 7,679
  • 13
  • 55
  • 68