How to run a cron job using the sudo command

cron

I won't get into how much this is a bad idea; simply put, running sudoin crontab requires your password to be stored somewhere in plaintext.

It's a bad idea.

The following is the preferred method of running administrative tasks through cron. Since you don't really need to write sudo in the crontab, if you are modifying root's crontab.

Use root's crontab

Run the following command: 

sudo crontab -e

This opens up root's crontab. sudo is not necessary to run your command in this context, since it'll be invoked as root anyway.

Therefore, you would simply append the following to root's crontab.

@hourly rm somefile

Now, if you absolutely want to be unsafe and take risks with your password, the following will run your command from your own crontab, and enter your password automatically when prompted by sudo.

Again, this is not recommended.

In your own crontab, write your command like so:

@hourly echo "password" | sudo -S rm somefile

The obvious disadvantage here is that, should anyone ever access your crontab, your password will be readable in plaintext.

You shouldn't do this.


If you are putting the script from one of the cron directories (/etc/cron.*) then you don't need to use sudo as that is running as root.

If you are using crontab, then you will want to use root's crontab. This will run it as root, and also not need sudo.

sudo crontab -e

Run following command in terminal 

sudo visudo

Added the following line to the end of the file:

vidyadhar  ALL= NOPASSWD: /bin/rm

In the above example vidyadhar is the username and it will not ask for password if you are running rm command through vidyadhar.


Sometimes it is necessary for root to execute a command as a specific user of the system. For example, with borgbackup, it is common to have root check the warehouse using the borg user. if the task must be executed once a day, we will use the /etc/cron.daily folder, like that:

# cat /etc/cron.daily/borgbackup_check

#!/bin/bash
sudo -u borg borg check /borgbackup >> /var/log/borgbackup.log

where "-u borg" is used take the identity of the borg user, "borg" is the borg command and "/borgbackup" is the wharehouse.

Related

Not able to execute a .sh file: /bin/bash^M: bad interpreter
How to exclude/ignore hidden files and directories in a wildcard-embedded "find" search?
cannot change screen size from 640x480 after 14.04 installation on VirtualBox OSX [duplicate]
Is it possible to make writing to .bash_history immediate?
How to enable mod_rewrite in Apache?
Moving folder and subfolder to another path
How to set default Java version?
What does "TTY" stand for?
How do I delete my commands quickly?
How do I run a single command at startup using systemd?
Sorted vs Sorted out
"Majority" is to "plurality" as "minority" is to what?