Announcement

Collapse
No announcement yet.

[solved] sudoers not working

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    [solved] sudoers not working

    Hi Folks,
    I've read up on sudoers but I'm obviously doing something wrong.

    When I thought this was working, it was apparently fooling me and working off a previously entered sudo password ... so it obviously isn't working!

    Aim - to enable a script to use the mount and umount commands without needing a password entered.

    Sudo file...
    Code:
    Defaults    env_reset

# Host alias specification

# User alias specification

# Cmnd alias specification
Cmnd_Alias   CMD_LIST = /bin/mount, /bin/umount

# User privilege specification
root  ALL=(ALL) ALL
michelle    ALL=(ALL) NOPASSWD: CMD_LIST

# Uncomment to allow members of group sudo to not need a password
# (Note that later entries override this, so you might need to move
# it further down)
# %sudo ALL=NOPASSWD: ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
    ...noting that between the "michelle" and the "ALL" I have tried a space and a tab, neither work.

    Any ideas please?

    I have also tried listing the commands specifically, like this...
    Code:
    michelle ALL=(ALL) NOPASSWD: /bin/mount
michelle ALL=(ALL) NOPASSWD: /bin/umount
    ..but that didn't work either.

    A "whoami" at the start of the script confirms it is running as, "michelle."
    Tags: None
    • Top
    • Bottom
    #2
    Re: sudoers not working

    Did you try this yet
    Code:
    michelle    ALL=NOPASSWD: /bin/mount, /bin/umount
    • Top
    • Bottom

    Comment

      #3
      Re: sudoers not working

      Thanks, I'll give anything a try!
      • Top
      • Bottom

      Comment

        #4
        Re: sudoers not working

        Still not working. I even brought myself down to this...
        Code:
        # /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#

Defaults    env_reset

# Host alias specification

# User alias specification

# Cmnd alias specification
Cmnd_Alias   CMD_LIST = /bin/mount, /bin/umount

# User privilege specification
root  ALL=(ALL) ALL
michelle ALL=(ALL) NOPASSWD: ALL

# Uncomment to allow members of group sudo to not need a password
# (Note that later entries override this, so you might need to move
# it further down)
# %sudo ALL=NOPASSWD: ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
        ...but if I start a terminal session, then under some circumstances I'm being asked for my password.

        Some of these circumstances include...

        In .kde/Autostart there is a shell script to automatically map a network drive. It isn't happening; presumably it wants the password.

        When I have a shortcut in the menu structure, which fires a script, it has to be in a terminal, or it won't run. However, when I start it, in the terminal, sudo asks for my password.
        • Top
        • Bottom

        Comment

          #5
          Re: sudoers not working

          Catch-22 -- you can't use "sudo" if your password is not accepted.

          Can you boot recovery mode, drop to the root "#" prompt, and then run visudo from there?
          • Top
          • Bottom

          Comment

            #6
            Re: sudoers not working

            hi Dibl,

            Thanks, but I believed the nopasswd: part should tell it not to bother asking for the password ... especially as I'm already logged in as myself.

            ... or have I missed something?

            Michelle.
            • Top
            • Bottom

            Comment

              #7
              Re: sudoers not working

              How it is working at here
              a.k.a disabling the password query for a command/script (showfsck) for a user


              Konsole:
              Code:
              sudo visudo
              and
              ...snip...
              # Members of the admin group may gain root privileges
              %admin ALL=(ALL) ALL

              rog ALL= NOPASSWD: /usr/sbin/showfsck
              save&exit

              Konsole /1/:
              Code:
              sudo -K
              and
              Code:
              sudo showfsck
              12/34 mount(s) until fsck for /dev/disk/by-uuid/83bbf97e-38f6-4932-971e-a2ac20a98705
              17/36 mount(s) until fsck for /dev/sda5
              ***************************
              * 3 * /29 mount(s) until fsck for /dev/sda6
              ***************************
              12/29 mount(s) until fsck for /dev/sdb2
              14/31 mount(s) until fsck for /dev/sdb3
              9/30 mount(s) until fsck for /dev/sdb4
              There is no password query. Now it is possible to use the "sudo showfsck" in the scripts.


              Earlier > FAQ: Root Password

              /1/ man sudo
              ...
              -K

              The -K (sure kill) option is like -k except that it removes the user's timestamp entirely. Like -k, this option does not require a password.

              -k

              The -k (kill) option to sudo invalidates the user's timestamp by setting the time on it to the
              Epoch. The next time sudo is run a password will be required. This option does not require a
              password and was added to allow a user to revoke sudo permissions from a .logout file.
              ...
              Before you edit, BACKUP !

              Why there are dead links ?
              1. Thread: Please explain how to access old kubuntu forum posts
              2. Thread: Lost Information
              • Top
              • Bottom

              Comment

                #8
                Re: sudoers not working

                Originally posted by msknight
                Thanks, but I believed the nopasswd: part should tell it not to bother asking for the password ... especially as I'm already logged in as myself.
                Try putting your specific NOPASSWD line after
                %admin ALL=(ALL) ALL
                otherwise the admin group line will override your user specific line.

                %admin ALL=(ALL) ALL
                michelle ALL=(ALL) NOPASSWD: /bin/mount, /bin/umount
                (it should also work without '(ALL)', or using a command list alias)

                from 'man sudoers':
                When multiple entries match for a user, they are applied in order. Where there are multiple matches, the last match is used (which is not necessarily the most specific match).
                • Top
                • Bottom

                Comment

                  #9
                  Re: sudoers not working

                  You know ... I think that moving the nopasswd line after the %admin might have worked.

                  Let me do a little more testing.

                  If it does work, then I'm not sure "why" if you know what I mean.
                  • Top
                  • Bottom

                  Comment

                    #10
                    Re: [solved] sudoers not working

                    Great stuff - it worked! Now I've got to understand why.

                    As you say, the later command overrides the other one, but as "michelle" isn't a member of the admin group, I can't understand why this should override the other statement.
                    • Top
                    • Bottom

                    Comment

                      #11
                      Re: [solved] sudoers not working

                      Ah, um, yes ... I am a member of the admin group. I'll go away and scratch my head a bit.
                      • Top
                      • Bottom

                      Comment

                      Previous template Next
                      Working...
                      X