DustinT,
Sorry that my fix didn't work. Every time I make a zone I have to do that step. What hergp is trying tohave you do is a loop back, which is done in sparse zones a lot. I don't use these.
What I would like you to do now is compare your sudo setting on your global zone which works to the zone which doesn't work.
Code:
ls -l /usr/local/sbin/visudo
---x--x--x 1 root root 249604 Nov 18 01:09 visudo
ls - /usr/local/bin/sudo
---s--x--x 1 root root 249604 Nov 18 01:09 /usr/local/bin/sudo
id
uid=2708(bitlord) gid=2001(users) groups=14(sysadmin)
Hi Guys
I am using this version of Linux box (as shown below). I am unable to send email from the box. But I am not getting any errors while sending email. :mad:
Any idea what could be the reason? What entry should I check? :confused:
$ uname -a
Linux machine-name 2.4.21-144-smp4G #1... (6 Replies)
HI All,
Is it possible to configure SUDO in non-global zones in a solaris 10 env?
If yes, can you please provide the steps to configure.
Thanks in advance.
Regards,
Sagar. (2 Replies)
Hi Everyone,
I have installed open solaris 10 on one of the x86 machines available but inspite of configuring the IP i am unable to access the machine through the network.
Can anyone please help me wih the settings required to access the machine across the network.Its really Urg..Any help is... (13 Replies)
Hi! I'm very new to unix, so please keep that in mind with the level of language used if you choose to help :D Thanks!
When attempting to use sudo on and AIX machine with oslevel 5.1.0.0, I get the following error:
exec(): 0509-036 Cannot load program sudo because of the following errors:... (1 Reply)
Hi All,
I have installed Solaris 10 on my AMD 64 3000+ system. I was playing with grub commands eeprom and bootadm commands. I screwed my boot-file and now am unable to boot the system. Gets error msg as "panic: cannot open /kernel/amd64/unix". I booted the system is filesafe and tried update the... (2 Replies)
Hello,
I'm running rhel6 64bit. Accidentally I ran % chmod -R 777 /etc and after that I have a problem to do 'su' or 'sudo'. When I did sudo it complained that /etc/sudoers has 777 while it should be 0440. I changed that and also restored right permission for:
-rw-r--r-- 1 root root 1966 May 19... (2 Replies)
Hi there,
I'm sorry in advance if my question seems stupid, but I can't figure out myself.
I was wondering. Is it possible to install a Solaris program on an Open Solaris or Open Indiana operating system?
After searching the web for a long time, it seems that Open Solaris was released by... (7 Replies)
Hi All
Kindly let me know how can I move Solaris 10 OS running update 10 on physical machine to another machine solaris zone running Solaris 10 update 11 (2 Replies)
tldr; after SRU patches applied on newly created boot environment, reboot with ability to log into global zone but unable to "fully" log into non-global-zones.
Without going into much detail here's what we did;
1) Activated new boot environment with latest SRU patches from Oracle
2)... (1 Reply)
Discussion started by: samthewildone
1 Replies
LEARN ABOUT LINUX
sudo_root
sudo_root(8) System Manager's Manual sudo_root(8)NAME
sudo_root - How to run administrative commands
SYNOPSIS
sudo command
sudo -i
INTRODUCTION
By default, the password for the user "root" (the system administrator) is locked. This means you cannot login as root or use su. Instead,
the installer will set up sudo to allow the user that is created during install to run all administrative commands.
This means that in the terminal you can use sudo for commands that require root privileges. All programs in the menu will use a graphical
sudo to prompt for a password. When sudo asks for a password, it needs your password, this means that a root password is not needed.
To run a command which requires root privileges in a terminal, simply prepend sudo in front of it. To get an interactive root shell, use
sudo -i.
ALLOWING OTHER USERS TO RUN SUDO
By default, only the user who installed the system is permitted to run sudo. To add more administrators, i. e. users who can run sudo, you
have to add these users to the group 'admin' by doing one of the following steps:
* In a shell, do
sudo adduser username admin
* Use the graphical "Users & Groups" program in the "System settings" menu to add the new user to the admin group.
BENEFITS OF USING SUDO
The benefits of leaving root disabled by default include the following:
* Users do not have to remember an extra password, which they are likely to forget.
* The installer is able to ask fewer questions.
* It avoids the "I can do anything" interactive login by default - you will be prompted for a password before major changes can happen,
which should make you think about the consequences of what you are doing.
* Sudo adds a log entry of the command(s) run (in /var/log/auth.log).
* Every attacker trying to brute-force their way into your box will know it has an account named root and will try that first. What they do
not know is what the usernames of your other users are.
* Allows easy transfer for admin rights, in a short term or long term period, by adding and removing users from the admin group, while not
compromising the root account.
* sudo can be set up with a much more fine-grained security policy.
* On systems with more than one administrator using sudo avoids sharing a password amongst them.
DOWNSIDES OF USING SUDO
Although for desktops the benefits of using sudo are great, there are possible issues which need to be noted:
* Redirecting the output of commands run with sudo can be confusing at first. For instance consider
sudo ls > /root/somefile
will not work since it is the shell that tries to write to that file. You can use
ls | sudo tee /root/somefile
to get the behaviour you want.
* In a lot of office environments the ONLY local user on a system is root. All other users are imported using NSS techniques such as
nss-ldap. To setup a workstation, or fix it, in the case of a network failure where nss-ldap is broken, root is required. This tends to
leave the system unusable. An extra local user, or an enabled root password is needed here.
GOING BACK TO A TRADITIONAL ROOT ACCOUNT
This is not recommended!
To enable the root account (i.e. set a password) use:
sudo passwd root
Afterwards, edit the sudo configuration with sudo visudo and comment out the line
%admin ALL=(ALL) ALL
to disable sudo access to members of the admin group.
SEE ALSO sudo(8), https://wiki.ubuntu.com/RootSudo
February 8, 2006 sudo_root(8)