11-18-2008
But I am able to sudo su - test2 as test user. Which means test user is in sudo file isnt it?
Thanks for your reply.
10 More Discussions You Might Find Interesting
1. AIX
I want give a user "sar" permission, so I modify the sudoers file: unix1 is the group for users can use sar command
Cmnd_Alias RUN_SAR = /usr/sbin/sar
User_Alias UNIX1_USERS = %unix1
UNIX1_USERS ALL = NOPASSWD:RUN_SAR
However, when I run sar command, it shows:
$ sar 1 4
sar: The... (1 Reply)
Discussion started by: rainbow_bean
1 Replies
2. Shell Programming and Scripting
I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this:
#!/bin/bash
rsync /path/on/local/machine/ foo.com:path/on/remote/machine/
ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
Discussion started by: fluoborate
9 Replies
3. Ubuntu
I'm fairly new to unix and I was trying to change the name of my host and my user. I changed the name in /hostname using this: gksudo gedit /etc/hostname I then tried changing the name back but it still gave the same error: {env_reset,... (1 Reply)
Discussion started by: H3jck
1 Replies
4. UNIX for Dummies Questions & Answers
Hi,
I am using ubuntu 12.04 and every time I installed new program or do:
sudo apt-get install -f
I get the following mesage:
Download done.
sha256sum mismatch jdk-7u3-linux-x64.tar.gz
Oracle JDK 7 is NOT installed.
dpkg: error processing oracle-java7-installer (--configure):
subprocess... (2 Replies)
Discussion started by: programAngel
2 Replies
5. UNIX for Advanced & Expert Users
Hi
I am trying to automate the deployment of a tar ball onto a set of remote servers and am getting this error from the ssh -
sudo: no tty present and no askpass program specified
What I have done is add some code into the user's ssh key that does a few things like delete the existing... (2 Replies)
Discussion started by: steadyonabix
2 Replies
6. UNIX for Dummies Questions & Answers
Hi,
I have installed sudo on Solaris 10 (sparc). When I try to add a user I get the following:
-bash-3.00$ sudo addusr scarlet sudo
sudo: /usr/local/etc/sudoers.d is owned by uid 2, should be 0
Password:
I entered a password, thinking it was for the sudo user but it failed. Then I entered the... (3 Replies)
Discussion started by: Scarlet
3 Replies
7. Emergency UNIX and Linux Support
Im Using Centos Version
$ cat /etc/redhat-release
CentOS release 6.4 (Final)
I'm Using Sudo Version
$ sudo -V
Sudo version 1.8.6p3
Sudoers policy plugin version 1.8.6p3
Sudoers file grammar version 42
Sudoers I/O plugin version 1.8.6p3
tried to setup notification mail for sudo,... (2 Replies)
Discussion started by: babinlonston
2 Replies
8. Solaris
I cannot solve the following error bellow.
Can someone help me on this please?
Mar 31 07:08:45 serverx sudo: fork
Mar 31 07:18:50 serverx sudo: fork
Mar 31 07:28:45 serverx sudo: fork
Mar 31 07:38:47 serverx sudo: fork
Mar 31 07:48:45 serverx sudo: fork
Mar 31 07:58:45 serverx... (1 Reply)
Discussion started by: pangarano
1 Replies
9. Shell Programming and Scripting
Team ,
I am trying to sudo to instnace using a shell script .In out put i am getting this error for every line ...I am running this script as root ..
sudo su - userid -i db2 "command "
Error
/etc/profile: shopt: not found
how can we overcome this error ? Can someone help on... (1 Reply)
Discussion started by: rocking77
1 Replies
10. AIX
Hello,
I tried installing sudo on a lab AIX server. It has been successfully installed. but i still see the below errors.
/>sudo -V
Sudo version 1.8.27
Configure options: --prefix=/opt/freeware --sbindir=/opt/freeware/sbin --libdir=/opt/freeware/lib --mandir=/opt/freeware/man... (8 Replies)
Discussion started by: System Admin 77
8 Replies
LEARN ABOUT CENTOS
pam_ssh_agent_auth
pam_ssh_agent_auth(8) PAM pam_ssh_agent_auth(8)
PAM_SSH_AGENT_AUTH
This module provides authentication via ssh-agent. If an ssh-agent listening at SSH_AUTH_SOCK can successfully authenticate that it has
the secret key for a public key in the specified file, authentication is granted, otherwise authentication fails.
SUMMARY
/etc/pam.d/sudo: auth sufficient pam_ssh_agent_auth.so file=/etc/security/authorized_keys
/etc/sudoers:
Defaults env_keep += "SSH_AUTH_SOCK"
This configuration would permit anyone who has an SSH_AUTH_SOCK that manages the private key matching a public key in
/etc/security/authorized_keys to execute sudo without having to enter a password. Note that the ssh-agent listening to SSH_AUTH_SOCK can
either be local, or forwarded.
Unlike NOPASSWD, this still requires an authentication, it's just that the authentication is provided by ssh-agent, and not password entry.
ARGUMENTS
file=<path to authorized_keys>
Specify the path to the authorized_keys file(s) you would like to use for authentication. Subject to tilde and % EXPANSIONS (below)
allow_user_owned_authorized_keys_file
A flag which enables authorized_keys files to be owned by the invoking user, instead of root. This flag is enabled automatically
whenever the expansions %h or ~ are used.
debug
A flag which enables verbose logging
sudo_service_name=<service name you compiled sudo to use>
(when compiled with --enable-sudo-hack)
Specify the service name to use to identify the service "sudo". When the PAM_SERVICE identifier matches this string, and if PAM_RUSER
is not set, pam_ssh_agent_auth will attempt to identify the calling user from the environment variable SUDO_USER.
This defaults to "sudo".
EXPANSIONS
~ -- same as in shells, a user's Home directory
Automatically enables allow_user_owned_authorized_keys_file if used in the context of ~/. If used as ~user/, it would expect the file
to be owned by 'user', unless you explicitely set allow_user_owned_authorized_keys_file
%h -- User's Home directory
Automatically enables allow_user_owned_authorized_keys_file
%H -- The short-hostname
%u -- Username
%f -- FQDN
EXAMPLES
in /etc/pam.d/sudo
"auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys"
The default .ssh/authorized_keys file in a user's home-directory
"auth sufficient pam_ssh_agent_auth.so file=%h/.ssh/authorized_keys"
Same as above.
"auth sufficient pam_ssh_agent_auth.so file=~fred/.ssh/authorized_keys"
If the home-directory of user 'fred' was /home/fred, this would expand to /home/fred/.ssh/authorized_keys. In this case, we have not
specified allow_user_owned_authorized_keys_file, so this file must be owned by 'fred'.
"auth sufficient pam_ssh_agent_auth.so file=/secure/%H/%u/authorized_keys allow_user_owned_authorized_keys_file"
On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar/fred/authorized_keys. In this case, we specified
allow_user_owned_authorized_keys_file, so fred would be able to manage that authorized_keys file himself.
"auth sufficient pam_ssh_agent_auth.so file=/secure/%f/%u/authorized_keys"
On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar.baz.com/fred/authorized_keys. In this case, we
have not specified allow_user_owned_authorized_keys_file, so this file must be owned by root.
v0.8 2009-08-09 pam_ssh_agent_auth(8)