Nice command without root privileges

Solution 1

Unfortunately, I don't think that's easily doable.

If your dosemu process runs as a separate user, then you can set the priority of all processes of that user to a negative value using /etc/security/limits.conf.

EDIT: silly me, you cannot create a suid shell script, that just doesn't work.

EDIT2: OK, you can configure sudo such that it does not require you to give password when someone from the sudo group runs nice or renice. In a terminal window, enter

sudo visudo

This will open a simple text editor that will edit the configuration of sudo. Add the following line at the end of the file:

%sudo   ALL = (ALL) NOPASSWD: /usr/bin/nice,/usr/bin/renice

Exit the editor. The editor will make sure that the syntax is correct (otherwise one could break the system). Now, you can run

sudo nice -n -20 sudo -u $USER /some/program

and you will not get prompted for a password. In fact, nice will start another process called sudo with the -20 priority. This new sudo process will switch back to your original user (-u $USER, otherwise you would run the /some/program as root) and starts /some/program.

Solution 2

try this:

sudo -k nice -n -20 su -c "dosemu" $USER

while it is running, run this:

ps -A --forest -o pid,user,command |grep dosemu

you will see that nice was run with root privileges, but dosemu was run as normal $USER.

Understandind how safe it is: to make it sure that there is no flaw, try this where you will see it asks the password 2 times because sudo ls is run as normal $USER, so a script with sudo on it wont work unseen:

sudo -k nice -n -5 su -c "sudo ls" $USER

and this will ask password one time only as it is already root to sudo ls:

sudo -k nice -n -5 su -c "sudo ls" root

PS.: instead of dosemu, for tests, I used sleep 120, and sudo -k is for increased safety.

Author by

Tomasz Matoga

Updated on September 18, 2022