Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Sudo command problem
Top Forums UNIX for Advanced & Expert Users Sudo command problem Post 302296883 by pludi on Thursday 12th of March 2009 05:33:49 AM
Old 03-12-2009
The admins probably created a NOPASSWD rule for that specific command (path and all) in the sudoers file. If you change it, that rule no longer catches, and so the password prompt is displayed.
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

problem with sudo su and .sh script

here is my script: #!/bin/sh cd /Users/a echo "what is the name of the file u want?" read var1 var1=$var1... (1 Reply)
Discussion started by: cleansing_flame
1 Replies

2. Solaris

Sudo for a command

I am trying to set up sudo for a command, but do not want to specify the arguments that can be passed into it. I want the user who is using sudo to be able to pass in the arguments they want. I am fairly sure I know how to do this with RBAC in Solaris 10, but for reasons I will not get into I... (1 Reply)
Discussion started by: synchro
1 Replies

3. UNIX for Advanced & Expert Users

Sudo command

Hello, What does the below sudo command provide access to, does it allow a user to su to any other user except root. sudo !/usr/bin/su * (1 Reply)
Discussion started by: sophos
1 Replies

4. Shell Programming and Scripting

shell script problem , sudo mount command

cat test.sh sudo mount -t vfat /dev/sda7 /media/Ddrive If i double click the test.sh file and select run in terminal then the terminal prompts for password. How can i avoid typing password? Or if i double click test.sh file and select run then nothing happens. What i'm trying "Double... (3 Replies)
Discussion started by: cola
3 Replies

5. UNIX for Dummies Questions & Answers

Unable to use the Sudo command. "0509-130 Symbol resolution failed for sudo because:"

Hi! I'm very new to unix, so please keep that in mind with the level of language used if you choose to help :D Thanks! When attempting to use sudo on and AIX machine with oslevel 5.1.0.0, I get the following error: exec(): 0509-036 Cannot load program sudo because of the following errors:... (1 Reply)
Discussion started by: Chloe123
1 Replies

6. Linux

Sudo Problem?

Hi I wanted to add a group using 1 id which is not root but has some sudo privileges. test@test>sudo -l gives this (root) NOPASSWD: /usr/bin/passwd, /usr/sbin/useradd, /usr/sbin/usermod, /usr/sbin/userdel, /usr/bin/tee, /usr/bin/grep, /bin/grep, /usr/bin/chmod, /bin/chmod, /usr/bin/echo,... (1 Reply)
Discussion started by: datkan
1 Replies

7. Solaris

Problem with password expire and sudo.

Hi, I have a small problem that I need to address regarding the password expiration for a number of different oracle accounts. Currently I have the MAXWEEKS set to 12 in the /etc/default/passwd file for all accounts. I also have sudo installed on the server and users access the oracle accounts... (2 Replies)
Discussion started by: sparcman
2 Replies

8. UNIX for Dummies Questions & Answers

Problem with Sudo inside a here document

Have a sudo statement inside of a here document. It prompts me for a password, but doesnt wait for me to enter my password. Is there a way I can use the command without sudo or anyway that I can enter the password correctly? Eg : while read remotehost do ssh -t $2@$remotehost ... (0 Replies)
Discussion started by: mnanavati
0 Replies

9. Shell Programming and Scripting

ssh foo.com sudo command - Prompts for sudo password as visible text. Help?

I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this: #!/bin/bash rsync /path/on/local/machine/ foo.com:path/on/remote/machine/ ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
Discussion started by: fluoborate
9 Replies

10. HP-UX

Problem using sudo with NOPASSWD

I need to configure access for a user in an HP-UX to : 1) use certain commands and 2) login as another user as a sudo. These have to be done WITHOUT the user needing to enter a password. However, after I enter the lines using visudo, there is a prompt for a password when the user... (3 Replies)
Discussion started by: aigini82
3 Replies

LEARN ABOUT CENTOS

firewalld.direct

FIREWALLD.DIRECT(5)						 firewalld.direct					       FIREWALLD.DIRECT(5)

NAME

       firewalld.direct - firewalld direct configuration file

SYNOPSIS

       /etc/firewalld/direct.xml

DESCRIPTION

       A firewalld direct configuration file contains the information about permanent direct chains and rules. These are the chains, rules and
       passthrough ...

       This is the structure of a direct configuration file:

	   <?xml version="1.0" encoding="utf-8"?>
	   <direct>
	     [ <chain ipv="ipv4|ipv6" table="table" chain="chain"/> ]
	     [ <rule ipv="ipv4|ipv6" table="table" chain="chain" priority="priority"> args </rule> ]
	     [ <passthrough ipv="ipv4|ipv6"> args </passthrough> ]
	   </direct>

   direct
       The mandatory direct start and end tag defines the direct. This tag can only be used once in a direct configuration file. There are no
       attributes for direct.

   chain
       Is an optional empty-element tag and can be used several times. It can be used to define names for additional chains. A chain entry has
       exactly three attributes:

       ipv="ipv4|ipv6"
	   The IP family where the chain will be created. This can be either ipv4 or ipv6.

       table="table"
	   The table name where the chain will be created. This can be one of the tables that can be used for iptables or ip6tables. For the
	   possible values, please have a look at the TABLES section in the iptables man pages: For ipv="ipv4" in iptables(8), for ipv="ipv6" in
	   ip6tables(8).

       chain="chain"
	   The name of the chain, that will be created. Please make sure that there is no other chain with this name already.

       Please remember to add a rule or passthrough rule with an --jump or --goto option to connect the chain to another one.

   rule
       Is an optional element tag and can be used several times. It can be used to add rules to a built-in or added chain. A rule entry has
       exactly four attributes:

       ipv="ipv4|ipv6"
	   The IP family where the rule will be added. This can be either ipv4 or ipv6.

       table="table"
	   The table name where the chain will be created. This can be one of the tables that casn be used for iptables or ip6tables. For the
	   possible values, please have a look at the TABLES section in the iptables man pages: For ipv="ipv4" in iptables(8), for ipv="ipv6" in
	   ip6tables(8).

       chain="chain"
	   The name of the chain where the rule will be added. This can be either a built-in chain or a chain that has been created with the chain
	   tag.

       priority="priority"
	   The priority is used to order rules. Priority 0 means add rule on top of the chain, with a higher priority the rule will be added
	   further down. Rules with the same priority are on the same level and the order of these rules is not fixed and may change. If you want
	   to make sure that a rule will be added after another one, use a low priority for the first and a higher for the following.

       The args can be any arguments of iptables or ip6tables, that do not conflict with the table or chain attributes.

       If the chain name is a built-in chain, then the rule will be added to chain_direct, else the supplied chain name is used.  chain_direct is
       created internally for all built-in chains to make sure that the added rules do not conflict with the rules created by firewalld.

   passthrough
       Is an optional element tag and can be used several times. It can be used to add rules to a built-in or added chain. A rule entry has
       exactly one attribute:

       ipv="ipv4|ipv6"
	   The IP family where the passthrough rule will be added. This can be either ipv4 or ipv6.

       The args can be any arguments of iptables or ip6tables.

       The passthrough rule will be added to the chain directly. There is no mechanism like for the direct rule above. The user of the passthrough
       rule has to make sure that there will be no conflict with the rules created by firewalld.

EXAMPLE

       Blacklisting of the networks 192.168.1.0/24 and 192.168.5.0/24 with logging and dropping early in the raw table:

	   <?xml version="1.0" encoding="utf-8"?>
	   <direct>
	     <chain ipv="ipv4" table="raw" chain="blacklist"/>
	     <rule ipv="ipv4" table="raw" chain="PREROUTING" priority="0">-s 192.168.1.0/24 -j blacklist</rule>
	     <rule ipv="ipv4" table="raw" chain="PREROUTING" priority="1">-s 192.168.5.0/24 -j blacklist</rule>
	     <rule ipv="ipv4" table="raw" chain="blacklist" priority="0">-m limit --limit 1/min -j LOG --log-prefix "blacklisted: "</rule>
	     <rule ipv="ipv4" table="raw" chain="blacklist" priority="1">-j DROP</rule>
	   </direct>

SEE ALSO

       firewall-applet(1), firewalld(1), firewall-cmd(1), firewall-config(1), firewalld.conf(5), firewalld.direct(5), firewalld.icmptype(5),
       firewalld.lockdown-whitelist(5), firewall-offline-cmd(1), firewalld.richlanguage(5), firewalld.service(5), firewalld.zone(5),
       firewalld.zones(5)

NOTES

       firewalld home page at fedorahosted.org:
	   http://fedorahosted.org/firewalld/

       More documentation with examples:
	   http://fedoraproject.org/wiki/FirewallD

AUTHORS

       Thomas Woerner <twoerner@redhat.com>
	   Developer

       Jiri Popelka <jpopelka@redhat.com>
	   Developer

firewalld 0.3.9 													       FIREWALLD.DIRECT(5)
All times are GMT -4. The time now is 06:31 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy