FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 03-28-2012, 09:03 PM
Aaron Konstam
 
Default Is it me or is it sudo?

On Wed, 2012-03-28 at 09:18 -0400, Mark Haney wrote:
> I'm kinda confused by the sudo problem I'm having. I've edited the main
> file with visudo to include:
>
> ## Allow root to run any commands anywhere
> root ALL=(ALL) ALL
> markh ALL=(ALL) NOPASSWD: ALL

Instead your last line above I have:
akonstam All=(root) NOPASSWD: ALL

and I can issue root commands without a password needed to be entered.
>
> (obviously only the last line was my addition)
>
> But for some reason, it makes no difference at all. I'm still required
> to input my password. What gives? I've not had this problem before so
> I don't know where to start.
>
> --
>
> Mark Haney
> Software Developer/Consultant
> AB Emblem
> markh@abemblem.com
> Linux marius.homelinux 3.3.0-4.fc16.x86_64 GNU/Linux


--
================================================== =====================
I have many CHARTS and DIAGRAMS..
================================================== =====================
Aaron Konstam telephone: (210) 656-0355 e-mail: akonstam@sbcglobal.net

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 03-28-2012, 09:19 PM
Aaron Konstam
 
Default Is it me or is it sudo?

On Wed, 2012-03-28 at 16:03 -0500, Aaron Konstam wrote:
> On Wed, 2012-03-28 at 09:18 -0400, Mark Haney wrote:
> > I'm kinda confused by the sudo problem I'm having. I've edited the main
> > file with visudo to include:
> >
> > ## Allow root to run any commands anywhere
> > root ALL=(ALL) ALL
> > markh ALL=(ALL) NOPASSWD: ALL
>
> Instead your last line above I have:
> akonstam All=(root) NOPASSWD: ALL

but: akonstam All=(ALL) NOPASSWD: ALL
also works so your file should work.
>
> and I can issue root commands without a password needed to be entered.
> >
> > (obviously only the last line was my addition)
> >

>
> --
> ================================================== =====================
> I have many CHARTS and DIAGRAMS..
> ================================================== =====================
> Aaron Konstam telephone: (210) 656-0355 e-mail: akonstam@sbcglobal.net
>


--
================================================== =====================
I live the way I type; fast, with a lot of mistakes.
================================================== =====================
Aaron Konstam telephone: (210) 656-0355 e-mail: akonstam@sbcglobal.net

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 03-29-2012, 12:46 PM
Mark Haney
 
Default Is it me or is it sudo?

On 03/28/2012 03:58 PM, James Wilkinson wrote:


Wild guess: try
cat -vet /etc/sudoers
This should show if you have any unexpected control characters in your
file (tab is shown as ^I, and the line feed at the end of a line by $).

Hope this helps,

James.



This is the output of that command. I see nothing odd here:


## Allow root to run any commands anywhere $
root^IALL=(ALL) ^IALL$
markh^IALL=(ALL)^INOPASSWD: ALL$
$



## Same thing without a password$
# %wheel^IALL=(ALL)^INOPASSWD: ALL$


I included the last two lines to show the comparison of the 'NOPASSWD'
lines and that they match up.



--

Mark Haney
Software Developer/Consultant
AB Emblem
markh@abemblem.com
Linux marius.homelinux 3.3.0-4.fc16.x86_64 GNU/Linux
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 03-29-2012, 12:48 PM
Mark Haney
 
Default Is it me or is it sudo?

On 03/28/2012 04:26 PM, T.C. Hollingsworth wrote:



Hmm, no, not that I can see. That's the only entry with my username in it.


Are you a member of the "wheel" group? (You are added to this group
when you check the "Administrator" checkbox on the user account setup
screen that appears on the first reboot after installation.) Check
with the `groups` command.

If so, Fedora's default sudoers enables sudo for the wheel group (look
for a line starting with %wheel). Try commenting out this line.

-T.C.


Yes I'm a member of the wheel group. And yes, editing that line with
NOPASSWD works. However, that doesn't fix my problem with just my
username. I can live with using the group for that, but this problem is
bugging me all to hell.



--

Mark Haney
Software Developer/Consultant
AB Emblem
markh@abemblem.com
Linux marius.homelinux 3.3.0-4.fc16.x86_64 GNU/Linux
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 03-29-2012, 12:53 PM
Mark Haney
 
Default Is it me or is it sudo?

On 03/28/2012 04:27 PM, Reindl Harald wrote:


the promt in linux supports colors since long ago
which is smarter than guess by error messages that
it was a root command happily with not enough
permissions

/root/.basrhc (red prompt):
PS1="[33[1;31m][u@h:w]$[33[0m] "

~/.bashrc (green prompt)
PS1="[33[1;32m][u@h:w]$[33[0m] "
______________________________

i use the follwoing schema since many years

RED: root on production servers
ORANGE: root on my machines
YELOW: root on backup.machines
GREEN: my user
LIGHTBLUE: buildusers
DARKBLUE: vm hosts

no, i have no good documentation, i googled around
for colors i searched :-)


I'm aware of BASH's use of colors, but, I'm not always at a console that
displays colors. (I've not found an Android app that will display them
on my Galaxy Tab for instance.)


Besides, I think a healthy dose of paranoia is not a bad thing. If it
works for you, that's great. I've found that it's not always good to
rely on things like that if you have to access consoles from odd devices
like mobile phones.




--

Mark Haney
Software Developer/Consultant
AB Emblem
markh@abemblem.com
Linux marius.homelinux 3.3.0-4.fc16.x86_64 GNU/Linux
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 03-29-2012, 12:59 PM
Frank Murphy
 
Default Is it me or is it sudo?

On 29/03/12 13:53, Mark Haney wrote:



Besides, I think a healthy dose of paranoia is not a bad thing. If it
works for you, that's great. I've found that it's not always good to
rely on things like that if you have to access consoles from odd devices
like mobile phones.



in the short term:
whaoami


--
Regards,
Frank
"Jack of all, fubars"
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 03-29-2012, 01:13 PM
Alick Zhao
 
Default Is it me or is it sudo?

On Thu, 29 Mar 2012 08:48:47 -0400, Mark Haney wrote:

> On 03/28/2012 04:26 PM, T.C. Hollingsworth wrote:
>
>>>
>>> Hmm, no, not that I can see. That's the only entry with my username
>>> in it.
>>
>> Are you a member of the "wheel" group? (You are added to this group
>> when you check the "Administrator" checkbox on the user account setup
>> screen that appears on the first reboot after installation.) Check
>> with the `groups` command.
>>
>> If so, Fedora's default sudoers enables sudo for the wheel group (look
>> for a line starting with %wheel). Try commenting out this line.
>>
>> -T.C.
>
> Yes I'm a member of the wheel group. And yes, editing that line with
> NOPASSWD works. However, that doesn't fix my problem with just my
> username. I can live with using the group for that, but this problem is
> bugging me all to hell.
>
>

I think William Hooper has explained that sudo will look through the
conf file and use the line that matches. So it is quite possible that
the line with %wheel comes after the line with your user name, so the
conf for wheel (which default to password needed) takes precedence.

To fix your issue, you probably should move the line with your user name
below the line with %wheel. However, if you have enabled wheel group,
uncomment the line containing '%wheel ... NOPASSWD' might also be OK.
No need to add an additional line.

--
alick
Fedora 16 (Verne) user
https://fedoraproject.org/wiki/User:Alick
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 03-29-2012, 01:17 PM
Reindl Harald
 
Default Is it me or is it sudo?

Am 29.03.2012 14:53, schrieb Mark Haney:
> On 03/28/2012 04:27 PM, Reindl Harald wrote:
>
>> the promt in linux supports colors since long ago
>> which is smarter than guess by error messages that
>> it was a root command happily with not enough
>> permissions
>>
>> /root/.basrhc (red prompt):
>> PS1="[33[1;31m][u@h:w]$[33[0m] "
>>
>> ~/.bashrc (green prompt)
>> PS1="[33[1;32m][u@h:w]$[33[0m] "
>> ______________________________
>>
>> i use the follwoing schema since many years
>>
>> RED: root on production servers
>> ORANGE: root on my machines
>> YELOW: root on backup.machines
>> GREEN: my user
>> LIGHTBLUE: buildusers
>> DARKBLUE: vm hosts
>>
>> no, i have no good documentation, i googled around
>> for colors i searched :-)
>
> I'm aware of BASH's use of colors, but, I'm not always at a console that displays colors. (I've not found an
> Android app that will display them on my Galaxy Tab for instance.)

ConnectBot can it on HTC Hero and HTC Desire
i would wonder if not on Galaxy


--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 03-29-2012, 01:23 PM
Mark Haney
 
Default Is it me or is it sudo?

On 03/29/2012 08:59 AM, Frank Murphy wrote:

On 29/03/12 13:53, Mark Haney wrote:





in the short term:
whaoami




Yep. Use that a lot. Still doesn't mean I'll always think to run it
before doing something. Trust me, I'm one of those 'oooh, something
shiny' kinda people. Better safe than sorry.



--

Mark Haney
Software Developer/Consultant
AB Emblem
markh@abemblem.com
Linux marius.homelinux 3.3.0-4.fc16.x86_64 GNU/Linux
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 03-29-2012, 01:26 PM
Mark Haney
 
Default Is it me or is it sudo?

On 03/29/2012 09:13 AM, Alick Zhao wrote:

On Thu, 29 Mar 2012 08:48:47 -0400, Mark Haney wrote:




I think William Hooper has explained that sudo will look through the
conf file and use the line that matches. So it is quite possible that
the line with %wheel comes after the line with your user name, so the
conf for wheel (which default to password needed) takes precedence.

To fix your issue, you probably should move the line with your user name
below the line with %wheel. However, if you have enabled wheel group,
uncomment the line containing '%wheel ... NOPASSWD' might also be OK.
No need to add an additional line.



That's true. However, as I've explained, that line is commented out
while I'm debugging the issue with the username. I suppose, push comes
to shove that I can use an empty sudoers file except for that one line
in order to make absolutely certain nothing else is interfering, but
since Aaron Konstam verified that is /should/ work as I have it (as well
as others) I don't think I need to go that drastic.


The one thing I haven't done is post my entire sudoers file. I will if
anyone thinks it'll help.


I'm really not trying to be difficult here, but this is driving me nuts.


--

Mark Haney
Software Developer/Consultant
AB Emblem
markh@abemblem.com
Linux marius.homelinux 3.3.0-4.fc16.x86_64 GNU/Linux
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 

Thread Tools




All times are GMT. The time now is 09:41 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org