03-28-2011
Probably because you're trying to run the script as user "gtscm", while sudo is configured to allow running the script as "scmtg". To avoid getting such error messages, run sudo -l first, as it will list all allowed commands for a user.
10 More Discussions You Might Find Interesting
1. Linux
Hi,
I have edited 'sudoers' file to allow 'cads' user shutdown the system without providing a password.
Can someone tell me what's wrong with my file?
It's not working when I 'sudo SHUTDOWN' command:
sudo: SHUTDOWN: command not found
Thanks a lot!
# Host alias specification... (4 Replies)
Discussion started by: whatisthis
4 Replies
2. UNIX for Advanced & Expert Users
Does anyone know of a utility that can parse through a sudoers file and create an "expansion" dump of all users defined in the User Specification, outputting user, host, and command based on all defined Aliases? (3 Replies)
Discussion started by: jasondavey
3 Replies
3. Solaris
root@dervish # cat /etc/sudoers
cat: cannot open /etc/sudoers
This is what I get when I try to search for the sudoers files. I want to create a user by name jda and assign him root privileges. How can I do that using sudo command and editing sudoers file.
Please help me. (12 Replies)
Discussion started by: bharu_sri
12 Replies
4. UNIX for Advanced & Expert Users
i have defined a rule in the sudoers file so a specific user is able to run some commands as sudo with no password.
my question is: is it possible to restrict a user to run commands as sudo only in a certain directory? for example: chown only the files that are located in /var/tmp.
Thank you.
... (2 Replies)
Discussion started by: noam128
2 Replies
5. Solaris
All,
I have sudo setup installed on my Soalris 10 box. Everything working fine as expected. I would like to setup granular level access for one of the user
I use Rational Clearcase application which has its own command prompt /usr/atria/bin/cleartool
Once i invloked i can run its... (4 Replies)
Discussion started by: baluchen
4 Replies
6. UNIX for Advanced & Expert Users
Hi All,
I am trying to make use of Runas_Alias feature of sudoers. Some how I am not able to. Hope someone can help me. Thanks in advance.
I want the script /app2/run to be run as user "operator" when executed by the user engg. The /app2/run is just a sample script with "id" command in it for... (1 Reply)
Discussion started by: ahamed101
1 Replies
7. Cybersecurity
Hi all,
I'm trying to setup my sudoer file at work to have the right security, but I'm not able to refine to the level I want.
Here's what I would like to have:
=> OS Users
- John (group staff)
- Bob (group staff)
- app20adm (group app20grp)
- app70adm (group app70grp)
- sys20adm... (0 Replies)
Discussion started by: victorbrca
0 Replies
8. Emergency UNIX and Linux Support
Hi,
I need the details of which ids belong to the sudoers file, and which groups these ids belong to.
Can anyone suggest a way to derive that information into a flat file please?
G (4 Replies)
Discussion started by: ggayathri
4 Replies
9. UNIX for Dummies Questions & Answers
Hi
using Solaris 10. trying to update /etc/sudoers file
I need to add all the fist level operation team. This is what I have but it doesn't seem to work. Please help.Error message
sudo su -
>>> sudoers file: parse error, line 9 <<<
>>> sudoers file: parse error, line 9 <<<
... (2 Replies)
Discussion started by: samnyc
2 Replies
10. Solaris
In the sudoers file in Solaris...
I am trying to limit the DEVELOPER user privileges to where those users can only use the “rm” command in certain directories. This is to prevent them from deleting directories or files and destroying a server. I want them to be able to use the "rm" command but... (1 Reply)
Discussion started by: nzonefx
1 Replies
LEARN ABOUT DEBIAN
molly-guard
MOLLY-GUARD(8) [FIXME: manual] MOLLY-GUARD(8)
NAME
molly-guard - guard against accidental shutdowns/reboots
SYNOPSIS
shutdown [-hV] [--molly-guard-do-nothing] [-- script_options]
halt [-hV] [--molly-guard-do-nothing] [-- script_options]
reboot [-hV] [--molly-guard-do-nothing] [-- script_options]
poweroff [-hV] [--molly-guard-do-nothing] [-- script_options]
DESCRIPTION
molly-guard attempts to prevent you from accidentally shutting down or rebooting machines. It does this by injecting a couple of checks
before the existing commands: halt, reboot, shutdown, and poweroff. This happens via scripts with the same names in /usr/sbin, so it only
works if you have /usr/sbin before /sbin in your PATH!
Before molly-guard invokes the real command, all scripts in /etc/molly-guard/run.d/ have to run and exit successfully; else, it aborts the
command. run-parts(1) is used to process the directory.
molly-guard passes any script_options to the scripts, and also populates the environment with the following variables:
o MOLLYGUARD_CMD - the actual command invoked by the user.
o MOLLYGUARD_DO_NOTHING - set to 1 if this is a demo-run.
o MOLLYGUARD_SETTINGS - the path to a shell script snippet which scripts can source to obtain settings.
molly-guard prints the contents of /etc/molly-guard/messages.d/COMMAND or /etc/molly-guard/messages.d/default to the console, if either
exists. This is due to /etc/molly-guard/run.d/10-print-message.
GUARDING SSH SESSIONS
molly-guard was primarily designed to shield SSH connections. This functionality (which should arguably be provided by the openssh-server
package) is implemented in /etc/molly-guard/run.d/30-query-hostname.
This script first tests whether the command is being executed from a tty which has been created by sshd. It also checks whether the
variable SSH_CONNECTION is defined. If any of these tests are successful, test script queries the user for the machine's hostname, which
should be sufficient to prevent the user from doing something by accident.
You can pass the --pretend-ssh script option to molly-guard to pretend that those tests succeeds. Alternatively, setting
ALWAYS_QUERY_HOSTNAME in /etc/molly-guard/rc causes the script to always query.
The following situations are still UNGUARDED. If you can think of ways to protect against those, please let me know!
o running sudo within screen or screen within sudo; sudo eats the SSH_CONNECTION variable, and screen creates a new pty.
o executing those command in a remote terminal window, that is a XTerm started on a remote machine but displaying on the local X server.
You have been warned. You can use the --molly-guard-do-nothing switch to prevent anything from happening, e.g. halt
--molly-guard-do-nothing.
OPTIONS
--molly-guard-do-nothing
Cause molly-guard to print the command which would be executed, after processing all scripts, instead of executing it.
-h, --help
Display usage information.
-V, --version
Display version information.
SEE ALSO
shutdown(8), halt(1), reboot(8), poweroff(8).
LEGALESE
molly-guard is copyright by martin f. krafft. Andrew Ruthven came up with the idea of using the scripts directory and submitted a patch,
which I modified a bit.
This manual page was written by martin f. krafft madduck@madduck.net.
Permission is granted to copy, distribute and/or modify this document under the terms of the Artistic License 2.0
COPYRIGHT
Copyright (C) 2008 martin f. krafft
[FIXME: source] Apr 19, 2008 MOLLY-GUARD(8)