Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: entry in /etc/group too long - problem using sudo with %group
Operating Systems Solaris entry in /etc/group too long - problem using sudo with %group Post 59440 by poli on Monday 20th of December 2004 12:20:23 PM
Old 12-20-2004
entry in /etc/group too long - problem using sudo with %group
hi folks,
I've been googling for quite some time, but still can't find anything near it...my problem is the following:
for useradministration in our company we are using ssh/sudo, now whenever I try to add users (we have quite a number of users) with useradd -G groupname for secondary group I can only get up to 512 bytes in a line for a group entry, or in other words the secondary group can only hold up to 512 characters, which is not really enough for the amount of users we are using. the problem is also, that sudo relies in our landscape on %group entries for different secondary groups, but since the secondary groups can't hold enogh users, not all the users who normally should can run sudo!
did anyone come across this problem before?
how do you manage the user authentification with a large number of users using sudo?
thanks a lot!
poli
 

9 More Discussions You Might Find Interesting

1. UNIX and Linux Applications

Edit/update an /etc/group database entry (c/c++)

Hello I'm writing a program for managing accounts and groups in a linux system. My problem is how to update the members of a group in the /etc/group file,if i have to add/remove those members. total 3 variables for adding some new members to the group : char **oldmembers=grp->gr_mem; ... (1 Reply)
Discussion started by: mekos
1 Replies

2. Shell Programming and Scripting

Merge group numbers and add a column containing group names

Hi All I do have a file like this with 6 columns. Groups of data merge together and the group number is indicated above each group. 1 1 12 26 289 3.2e-027 GCGTATGGCGGC 2 12 26 215 6.7e+006 TTCCACCTTTTG 3 9 26 175 ... (1 Reply)
Discussion started by: Lucky Ali
1 Replies

3. Shell Programming and Scripting

Sort the file contents in each group....print the group title as well

I've this file and need to sort the data in each group File would look like this ... cat file1.txt Reason : ABC 12345-0023 32123-5400 32442-5333 Reason : DEF 42523-3453 23345-3311 Reason : HIJ 454553-0001 I would like to sort each group on the last 4 fileds and print them... (11 Replies)
Discussion started by: prash184u
11 Replies

4. Solaris

Can't sudo Using Group Permission

All: I'm having a problem with sudo on Solaris 5.10 that is giving me fits (and BTW, I'm a Linux admin by trade...). The issue is that I have a number of users (myself included) that cannot sudo to root to complete user admin tasks. Assuming the user is jdoe, and the group with the elevated... (3 Replies)
Discussion started by: rjlohman
3 Replies

5. UNIX for Advanced & Expert Users

script regarding listing long group names

Hello, When listing the file systems (using ls -ltr) , if the group names are longer the group name is getting truncated. Can someone help with the script which would display the truncated group name? I appreciate if someone could help in this regard. (1 Reply)
Discussion started by: mike12
1 Replies

6. Shell Programming and Scripting

need a one liner to grep a group info from /etc/group and use that result to search passwd file

/etc/group tiadm::345:mk789,po312,jo343,ju454,ko453,yx879,iy345,hn453 bin::2:root,daemon sys::3:root,bin,adm adm::4:root,daemon uucp::5:root /etc/passwd mk789:x:234:1::/export/home/dummy:/bin/sh po312:x:234:1::/export/home/dummy:/bin/sh ju454:x:234:1::/export/home/dummy:/bin/sh... (6 Replies)
Discussion started by: chidori
6 Replies

7. Solaris

Sudo Privileges & Sudoers Group

I'm looking for some suggestions to accomplish what a specific user needs, without adding them to the "sudoers" group. I have X user, that is requesting to be able to change file permissions on items owned by others and search directories where X user doesn't have access. I'm open to any... (2 Replies)
Discussion started by: Nvizn
2 Replies

8. SuSE

How to add a new user to sudo group in openSuse 12.3?

Hi All, I have created a openSUSE 12.3 VM in my VirtualBox. I have created one user and added that user to my group. Is there any command by which I can add that user to sudoers user group like we do in ubuntu? #sudo adduser user1 sudo I checked the /etc/groups file, but there is no sudo... (1 Reply)
Discussion started by: sanzee007
1 Replies

9. Programming

Sql ORA-00937: not a single-group group function

I'm trying to return only one row with the highest value for PCT_MAX_USED. Any suggestions? When I add this code, I get the ORA-00937 error. trunc(max(decode( kbytes_max, 0, 0, (kbytes_alloc/kbytes_max)*100))) pct_max_used This is the original and returns all rows. select (select... (3 Replies)
Discussion started by: progkcp
3 Replies

LEARN ABOUT LINUX

sudo_root

sudo_root(8)						      System Manager's Manual						      sudo_root(8)

NAME

       sudo_root - How to run administrative commands

SYNOPSIS

       sudo command

       sudo -i

INTRODUCTION

       By  default, the password for the user "root" (the system administrator) is locked. This means you cannot login as root or use su. Instead,
       the installer will set up sudo to allow the user that is created during install to run all administrative commands.

       This means that in the terminal you can use sudo for commands that require root privileges. All programs in the menu will use  a  graphical
       sudo to prompt for a password. When sudo asks for a password, it needs your password, this means that a root password is not needed.

       To  run	a  command which requires root privileges in a terminal, simply prepend sudo in front of it. To get an interactive root shell, use
       sudo -i.

ALLOWING OTHER USERS TO RUN SUDO

       By default, only the user who installed the system is permitted to run sudo. To add more administrators, i. e. users who can run sudo,  you
       have to add these users to the group 'admin' by doing one of the following steps:

       * In a shell, do

	   sudo adduser username admin

       * Use the graphical "Users & Groups" program in the "System settings" menu to add the new user to the admin group.

BENEFITS OF USING SUDO

       The benefits of leaving root disabled by default include the following:

       * Users do not have to remember an extra password, which they are likely to forget.

       * The installer is able to ask fewer questions.

       * It  avoids  the  "I  can do anything" interactive login by default - you will be prompted for a password before major changes can happen,
	 which should make you think about the consequences of what you are doing.

       * Sudo adds a log entry of the command(s) run (in /var/log/auth.log).

       * Every attacker trying to brute-force their way into your box will know it has an account named root and will try that first. What they do
	 not know is what the usernames of your other users are.

       * Allows  easy transfer for admin rights, in a short term or long term period, by adding and removing users from the admin group, while not
	 compromising the root account.

       * sudo can be set up with a much more fine-grained security policy.

       * On systems with more than one administrator using sudo avoids sharing a password amongst them.

DOWNSIDES OF USING SUDO

       Although for desktops the benefits of using sudo are great, there are possible issues which need to be noted:

       * Redirecting the output of commands run with sudo can be confusing at first. For instance consider

	   sudo ls > /root/somefile

	 will not work since it is the shell that tries to write to that file. You can use

	   ls | sudo tee /root/somefile

	 to get the behaviour you want.

       * In a lot of office environments the ONLY local user on a system is root. All other users  are	imported  using  NSS  techniques  such	as
	 nss-ldap.  To	setup a workstation, or fix it, in the case of a network failure where nss-ldap is broken, root is required. This tends to
	 leave the system unusable. An extra local user, or an enabled root password is needed here.

GOING BACK TO A TRADITIONAL ROOT ACCOUNT

       This is not recommended!

       To enable the root account (i.e. set a password) use:

	   sudo passwd root

       Afterwards, edit the sudo configuration with sudo visudo and comment out the line

	   %admin  ALL=(ALL) ALL

       to disable sudo access to members of the admin group.

SEE ALSO

       sudo(8), https://wiki.ubuntu.com/RootSudo

								 February 8, 2006						      sudo_root(8)
All times are GMT -4. The time now is 06:09 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy