Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Sudo issue
Operating Systems AIX Sudo issue Post 302916675 by rbatte1 on Thursday 11th of September 2014 09:37:16 AM
Old 09-11-2014
It's in the thread already

Quote:
Originally Posted by guy3145
Code:
AIX-7-DEV.lab.[/usr/bin]ls -l /etc/sudoers
-r--r-----    1 root     system         3065 Sep 11 12:52 /etc/sudoers
AIX-7-DEV.lab.[/usr/bin]id
uid=284(logon) gid=1(staff)
AIX-7-DEV.lab.[/usr/bin]whoami
logon
AIX-7-DEV.lab[/usr/bin]ps -f
     UID     PID    PPID   C    STIME    TTY  TIME CMD
   logon 3801120 6291704   0 14:14:53  pts/0  0:00 ksh
   logon 5636122 7864570   0 14:35:07  pts/0  0:00 ps -f
 MorSudo 5963836 7143502   0 14:03:19  pts/0  0:00 bash
    root 6291704 5963836   0 14:14:02  pts/0  0:00 bash
   logon 6619344 7733378   0 14:33:00  pts/0  0:00 ksh
     guy 6947002 3801120   0 14:21:58  pts/0  0:00 ksh
    root 7077970 7405746   0 13:53:42  pts/0  0:00 -bash
    root 7143502 7929910   0 13:58:56  pts/0  0:00 bash
     guy 7667964 6619344   0 14:33:19  pts/0  0:00 ksh
     guy 7733378 7798916   0 14:32:52  pts/0  0:00 ksh
    root 7798916 6947002   0 14:32:10  pts/0  0:00 bash
   logon 7864570 7667964   0 14:33:27  pts/0  0:00 ksh
   logon 7929910 7077970   0 13:53:47  pts/0  0:00 ksh
AIX-7-DEV.lab.[/usr/bin]

---------- Post updated at 06:44 AM ---------- Previous update was at 06:41 AM ----------

with NOPASSWD argument in the sudoers file the sudo command working with no problems

---------- Post updated at 06:44 AM ---------- Previous update was at 06:44 AM ----------

with NOPASSWD argument in the sudoers file the sudo command working with no problems
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Sudo permission issue

folks; How can i give a group a sudo permission to execute only some command "like start/stop Apache", so every user in that group can sudo to use this as himself, i mean when he tries to sudo, he will be asked for a password (and make it so he must use his own NT password not a generic one) then... (6 Replies)
Discussion started by: Katkota
6 Replies

2. UNIX for Dummies Questions & Answers

Unable to use the Sudo command. "0509-130 Symbol resolution failed for sudo because:"

Hi! I'm very new to unix, so please keep that in mind with the level of language used if you choose to help :D Thanks! When attempting to use sudo on and AIX machine with oslevel 5.1.0.0, I get the following error: exec(): 0509-036 Cannot load program sudo because of the following errors:... (1 Reply)
Discussion started by: Chloe123
1 Replies

3. Shell Programming and Scripting

Issue in passing passwd to login into a sudo account

Hi Gurus, I have small issue... I used to pass the passwd for sudo commands like below, gzcat ~/passwd.gz | sudo su - <villin> >> eof ------ ----- ------ eof And it was able to login into "villin" sudo account successfully. But now, I'm using the same in another script for the... (2 Replies)
Discussion started by: raghu.iv85
2 Replies

4. UNIX for Dummies Questions & Answers

sudo login issue

I logged in through ssh, but can't re-login as root. sudo login Arch login: root Password: Login incorrect Arch login: But I am sure my password is right. Why? But on local tty1, this works. (2 Replies)
Discussion started by: vistastar
2 Replies

5. Shell Programming and Scripting

ssh foo.com sudo command - Prompts for sudo password as visible text. Help?

I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this: #!/bin/bash rsync /path/on/local/machine/ foo.com:path/on/remote/machine/ ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
Discussion started by: fluoborate
9 Replies

6. AIX

issue with cd command on sudo

Hi admins, I have installed sudo in aix 5.3 and configured sudoers file.Every command is working fine with sudo except cd . If i give sudo cd /etc/security it returns nothing.There is no pwd change and no any error messages. sudo -l command returns all executables including cd. sudo ls... (8 Replies)
Discussion started by: newaix
8 Replies

7. Shell Programming and Scripting

sudo: sorry, you must have a tty to run sudo

Hi All, I running a unix command using sudo option inside shell script. Its working well. But in crontab the same command is not working and its throwing "sudo: sorry, you must have a tty to run sudo". I do not have root permission to add or change settings for my userid. I can not even ask... (9 Replies)
Discussion started by: Apple1221
9 Replies

8. Shell Programming and Scripting

sudo: sorry, you must have a tty to run sudo

Hi, Have a need to run the below command as a "karuser" from a java class which will is running as "root" user. When we are trying to run the below command from java code getting the below error. Command: sudo -u karuser -s /bin/bash /bank/karunix/bin/build_cycles.sh Error: sudo: sorry,... (8 Replies)
Discussion started by: Satyak
8 Replies

9. Linux

Sudo issue

Dear All, I wanted to execute sqlplus using another user instead of oracle user. I have given user AA sudo permissions in such a way that it can execute all oracle related files. when i try the below command from user AA ,it is not working. sudo -u oracle sh -c sqlplus Error 6... (1 Reply)
Discussion started by: jegaraman
1 Replies

10. Red Hat

Sudo access issue

Hi, I have given access to user mwadmin in shudders file as : mwadmin ALL:NOPASSWD:/www/* /usr/* /opt/* However, not able to execute below command: sudo mkdir -p /usr/test password for mwadmin: Sorry, user mwadmin is not allowed to execute '/bin/mkdir -p /usr/test' as root. ... (4 Replies)
Discussion started by: saurau
4 Replies

LEARN ABOUT CENTOS

pam_ssh_agent_auth

pam_ssh_agent_auth(8)							PAM						     pam_ssh_agent_auth(8)

PAM_SSH_AGENT_AUTH
       This module provides authentication via ssh-agent.  If an ssh-agent listening at SSH_AUTH_SOCK can successfully authenticate that it has
       the secret key for a public key in the specified file, authentication is granted, otherwise authentication fails.

SUMMARY

       /etc/pam.d/sudo: auth	sufficient     pam_ssh_agent_auth.so file=/etc/security/authorized_keys
       /etc/sudoers:
	    Defaults	env_keep += "SSH_AUTH_SOCK"

       This configuration would permit anyone who has an SSH_AUTH_SOCK that manages the private key matching a public key in
       /etc/security/authorized_keys to execute sudo without having to enter a password. Note that the ssh-agent listening to SSH_AUTH_SOCK can
       either be local, or forwarded.

       Unlike NOPASSWD, this still requires an authentication, it's just that the authentication is provided by ssh-agent, and not password entry.

ARGUMENTS

       file=<path to authorized_keys>
	   Specify the path to the authorized_keys file(s) you would like to use for authentication. Subject to tilde and % EXPANSIONS (below)

       allow_user_owned_authorized_keys_file
	   A flag which enables authorized_keys files to be owned by the invoking user, instead of root. This flag is enabled automatically
	   whenever the expansions %h or ~ are used.

       debug
	   A flag which enables verbose logging

       sudo_service_name=<service name you compiled sudo to use>
	   (when compiled with --enable-sudo-hack)

	   Specify the service name to use to identify the service "sudo". When the PAM_SERVICE identifier matches this string, and if PAM_RUSER
	   is not set, pam_ssh_agent_auth will attempt to identify the calling user from the environment variable SUDO_USER.

	   This defaults to "sudo".

EXPANSIONS

       ~  -- same as in shells, a user's Home directory
	   Automatically enables allow_user_owned_authorized_keys_file if used in the context of ~/. If used as ~user/, it would expect the file
	   to be owned by 'user', unless you explicitely set allow_user_owned_authorized_keys_file

       %h -- User's Home directory
	   Automatically enables allow_user_owned_authorized_keys_file

       %H -- The short-hostname
       %u -- Username
       %f -- FQDN

EXAMPLES

       in /etc/pam.d/sudo

       "auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys"
	   The default .ssh/authorized_keys file in a user's home-directory

       "auth sufficient pam_ssh_agent_auth.so file=%h/.ssh/authorized_keys"
	   Same as above.

       "auth sufficient pam_ssh_agent_auth.so file=~fred/.ssh/authorized_keys"
	   If the home-directory of user 'fred' was /home/fred, this would expand to /home/fred/.ssh/authorized_keys.  In this case, we have not
	   specified allow_user_owned_authorized_keys_file, so this file must be owned by 'fred'.

       "auth sufficient pam_ssh_agent_auth.so file=/secure/%H/%u/authorized_keys allow_user_owned_authorized_keys_file"
	   On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar/fred/authorized_keys.	In this case, we specified
	   allow_user_owned_authorized_keys_file, so fred would be able to manage that authorized_keys file himself.

       "auth sufficient pam_ssh_agent_auth.so file=/secure/%f/%u/authorized_keys"
	   On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar.baz.com/fred/authorized_keys.	In this case, we
	   have not specified allow_user_owned_authorized_keys_file, so this file must be owned by root.

v0.8								    2009-08-09						     pam_ssh_agent_auth(8)
All times are GMT -4. The time now is 02:47 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy