I have the strangest issue... might be a huge oversight.. who knows!!
I am trying to configure a user to use sudo with no password, here is my sudoers configuration file
Code:
root@isha:~# egrep -v "^$|^#" /etc/sudoers
root ALL=(ALL) ALL
%wheel ALL=(ALL) NOPASSWD: ALL
root@isha:~#
I login with user "kenneth", which is on the wheel group, but it requires password...
Code:
kenneth@isha:~$ id -a
uid=100(kenneth) gid=10(staff) groups=10(staff),100(wheel)
kenneth@isha:~$ roles
root
kenneth@isha:~$ sudo -n su -
sudo: a password is required
so I check creating a new user called "ragnor", adding it to wheel as well, I added it to the root role too just in case, (I thought that was the cause at some point) but it works flawlessly..
Code:
ragnor@isha:~$ id -a
uid=101(ragnor) gid=10(staff) groups=10(staff),100(wheel)
ragnor@isha:~$ roles
root
ragnor@isha:~$ sudo su -
Oracle Corporation SunOS 5.11 11.2 June 2014
You have new mail.
root@isha:~#
I also tried commenting out the "root ALL=(ALL) ALL" on sudoers, same results.
-n The -n (non-interactive) option prevents sudo
from prompting the user for a password. If a
password is required for the command to run,
sudo will display an error message and exit.
I can't truss sudo -- edit: (you did say run this as root m, as root it did open /etc/sudoers )
Code:
kenneth@isha:~$ truss -f -t open sudo -l
truss: cannot trace set-id or unreadable object file: /usr/bin/sudo
However if it was not using /etc/sudoers it would not work for "ragnor".
There is an easy way of showing it is indeed reading the /etc/sudoers config file
Code:
root@isha:~# egrep -v "^$|^#" /etc/sudoers
root ALL=(ALL) ALL
%wheel ALL=(ALL) NOPASSWD: ALL
kenneth ALL=(ALL) NOPASSWD: /usr/bin/su
root@isha:~# exit
logout
kenneth@isha:~$ sudo -l
User kenneth may run the following commands on this host:
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: /usr/bin/su
(ALL) ALL
kenneth@isha:~$
This must have something to do with RBAC.... root being a role and not a user.. not sure.
---------- Post updated at 01:41 AM ---------- Previous update was at 01:32 AM ----------
Ok found it...
When a user is specified during installation a few things happen, it gets the "root" role and so on, but it also creates the following file
Code:
root@isha:/# cat /etc/sudoers.d/svc-system-config-user
kenneth ALL=(ALL) ALL
So sudo was hitting this rule before hitting the NOPASSWD one.., removing that file did the magic.. funny one.
i have tried to use a sudo command from a user level . but instead of asking for user password it asked for root password . how should i go about it .
james@opensuse:/etc> sudo ifconfig
root's password:
And i wish to ask how should i allow a list of command to be allowed to used for a... (4 Replies)
hi,
i have a requirement where i need to sudo to another user in the shell script.suppose consider user A and B, first user A calls a shell script and then i need to sudo to user B which executes another shell script inside the earlier one.
also this needs to be automated like while sudo'ing to... (3 Replies)
Little confused here
When i go to run sudo nohup ./script.ksh &
I dont get asked for a password.
It starts a process ID, I can see it when i do a ps -ef | grep script.
But I dont get an output file from my script, so its not doing anything.
What gives?
does it have to do the "&" ?
... (4 Replies)
I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this:
#!/bin/bash
rsync /path/on/local/machine/ foo.com:path/on/remote/machine/
ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
salmo allikm warhmat allah wabrakato
i want to do script with sudo like
sudo su and want to put password in the script not get from user because i to made it startup when booting and i don't know how put in script for sudo
thanks (5 Replies)
Hi
While doing the following command password is gettin dispalyed :
ssh <host> "sudo command ; exit"
....
while i type my password for 2nd its gettin displayed ...
i tried stty -echo and stty echo
...
still i am havin problem..:confused: (1 Reply)
Hello
I have a partition with Aix 5.3 and I install sudo
I put the commands that I want to use x user and I put the option that donkask for password.
But when I run with this user and I try to run that commands. ask me for a password.
I put this line for no ask for password with that... (2 Replies)
Hello everybody,
Say I forgot my root password (shit happens, no?) and I'd like to brutally try 100 possibilities to delete a file using sudo. How can I make a script that tries all the passwords?
The following doesn't work. Do you have a clue?
foo:~$ cat test
sudo rm dummy <<< 'password'
echo... (1 Reply)
Hi all..
I'm secering a RH 2.1 server, with gnome (not my choice...), as X manager.
Is ther anyway to get sudo ask for root password other then the actual user's password? Like when you launch the graphical IHM to create a new user, it asks for root's password? Is there a way to do the same... (5 Replies)