Well, I would exclude a syntax error, since in the sudoers file is the following example:
Quote:
# Uncomment to allow members of group sudo to not need a password
# (Note that later entries override this, so you might need to move
# it further down)
# %sudo ALL=NOPASSWD: ALL
I first tried to add this line to just make the www-data user free of anything:
Quote:
www-data ALL=NOPASSWD: ALL
After that didn't work, I activated the example line in the file and made www-data member of the group sudo. That didn't work either...
Next try was setting a password for www-data. Still the password request, but at least now I was able to enter the password I set and got this line:
Quote:
Sorry, user www-data is not allowed to execute '/usr/bin/VBoxManage list vms' as vboxuser on Debian.localdomain.
Next try was to add the same entry for another user and try with that one. Same thing as with www-data. No difference at all.
Last point you proposed is of no use anymore, since it doesn't even work with passwords enabled.
But all your proposals made me do some steps that gave me some clues.
At one point I got the message posted in the last quote which made me think. The sentence implies, that it's only a problem of sudoing to this specific account. I then took some further reading and thinking and came to the conclusion, that sudo is normally a tool to gain root access, not access to another user. But I found something interesting in the sudoers manpage. Added this line to the sudoers file:
Quote:
www-data ALL=(vboxuser) ALL
This line specifies that www-data can run any commands as the other user. This took me a step further since from now on I was able to run the command after I entered the password specified earlier on.
After reading the manpage some more, I even found out what had to be done to get rid of the password prompt:
Quote:
Defaults:www-data !authenticate
This line in the sudoers file made the deal.
But still, I'm stuck with a last problem. I can run commands as my desired user without entering a password, but the command fails with an errorcode that is somehow related to rights. I somehow got the feeling, that it needs to read some files it doesn't have the right permissions when run from sudo. I also checked by logging into the desired account and running the command and all performs well. Since I have the "ALL" statement in /etc/sudoers, the problem can't be another program that is called, it's got to be some file. Any ideas on how I could find out which file or get sudo grant the vboxuser privileges for everything to www-data?