System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

Sorry, user test1 is not allowed to execute "/usr/lbin/getprpw -m spwchg test1" as root on hostname

ladoo_1
Frequent Advisor

Sorry, user test1 is not allowed to execute "/usr/lbin/getprpw -m spwchg test1" as root on hostname

I have this line in the /etc/sudoers file ..
Host_Alias SER=server1,server2

ALL SER=/usr/lbin/getprpw ALL

Please let me know what else i need to do ??
thanks
11 REPLIES
Steven E. Protter
Exalted Contributor

Re: Sorry, user test1 is not allowed to execute "/usr/lbin/getprpw -m spwchg test1" as root on hostname

Shalom,

I don't see the users defined in your sudoers file.

Example:

ycallen MAIN=NOPASSWD:SNMP

Cmnd_Alias SNMP=/usr/local/emanate/linux.bin/snmpdm,/etc/rc.d/init.d/snmpm,/etc/init.d/snmpm

This gives user ycallen (who no longer works here) the rights to run the progams listed in the command alias as root.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
ladoo_1
Frequent Advisor

Re: Sorry, user test1 is not allowed to execute "/usr/lbin/getprpw -m spwchg test1" as root on hostname

I want all the users on the Host_Alias SER=server1 , server2

to run that command ...

ALL SER=/usr/lbin/getprpw ALL


ALL = All users

SER = host list

command /usr/lbin/getprpw

I amy have the syntax incorect ??
Ivan Krastev
Honored Contributor

Re: Sorry, user test1 is not allowed to execute "/usr/lbin/getprpw -m spwchg test1" as root on hostname

Try:

ALL SER=/usr/lbin/getprpw

regards,
ivan
ladoo_1
Frequent Advisor

Re: Sorry, user test1 is not allowed to execute "/usr/lbin/getprpw -m spwchg test1" as root on hostname

I still get the error ...
ladoo_1
Frequent Advisor

Re: Sorry, user test1 is not allowed to execute "/usr/lbin/getprpw -m spwchg test1" as root on hostname

any one ...
Kenan Erdey
Honored Contributor

Re: Sorry, user test1 is not allowed to execute "/usr/lbin/getprpw -m spwchg test1" as root on hostname

Hi,

can you post sudo -l output when you are test1 ?
Computers have lots of memory but no imagination
ladoo_1
Frequent Advisor

Re: Sorry, user test1 is not allowed to execute "/usr/lbin/getprpw -m spwchg test1" as root on hostname

ALL SER=/usr/lbin/getprpw ALL


if you look at the above line i have ALL in the first field that means every one on that server ...
ladoo_1
Frequent Advisor

Re: Sorry, user test1 is not allowed to execute "/usr/lbin/getprpw -m spwchg test1" as root on hostname

SER= Host_Alias where the host list is ..

Host_Alias SER= server1, server2 ....
ladoo_1
Frequent Advisor

Re: Sorry, user test1 is not allowed to execute "/usr/lbin/getprpw -m spwchg test1" as root on hostname

the problem is here But i don't know how to fix it ...as i don't no scripting ..

# If user is root, then sudo is not needed.
# Use getprpw to get the date the password was changed. Get the Month, day and year
# it was changed.

if [[ "${USER}" = "root" ]] ; then
/usr/lbin/getprpw -m spwchg ${USER} | awk '{print $2, $3, $5}' | read CHMONTH CHDAY CHYEAR
else
/usr/local/bin/sudo /usr/lbin/getprpw -m spwchg ${USER} | awk '{print $2, $3, $5}' | read CHMONTH CHDAY CHYEAR
fi
Dennis Handly
Acclaimed Contributor

Re: Sorry, user test1 is not allowed to execute "/usr/lbin/getprpw -m spwchg test1" as root on hostname

>The problem is here. But i don't know how to fix it.

What seems to be wrong? The syntax seems to be fine.
Or are you getting your original "Sorry, user test1 is not allowed ..." error?
Paul D. Simpson
Frequent Advisor

Re: Sorry, user test1 is not allowed to execute "/usr/lbin/getprpw -m spwchg test1" as root on hostname

How about something like:


%users SER=/usr/lbin/getprpw

in sudoers?

This will allow all members of the group "users" to run the command.