System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

i am getting an error when try to run sudo

whiteSox
Frequent Advisor

i am getting an error when try to run sudo

hostname# su - user01
hostname> /usr/local/bin/sudo su -
You do not have permission to su root

hostname/# uname -
OSF1
25 REPLIES
Patrick Wallek
Honored Contributor

Re: i am getting an error when try to run sudo

You need to add entries in the sudoers file so this user can run 'su'.
whiteSox
Frequent Advisor

Re: i am getting an error when try to run sudo

Where is the sudoers file located on that OS ?
OldSchool
Honored Contributor

Re: i am getting an error when try to run sudo

assuming the standard conventions, its probably in /etc...but I've never looked at OSF1.

also, you *don't* edit it with "vi", use "visudo" instead.....

whiteSox
Frequent Advisor

Re: i am getting an error when try to run sudo

it is not in /etc
Patrick Wallek
Honored Contributor

Re: i am getting an error when try to run sudo

Invoke 'visudo' to edit the sudoers file.

visudo might be in /usr/local/sbin.

The actual sudoers file **MIGHT** be in /usr/local/etc/sudo, but it depends entirely on the location specified via the installation package for this OS.
whiteSox
Frequent Advisor

Re: i am getting an error when try to run sudo

what do i need to specify if i found the file because i can use /usr/local/bin/sudo su - But it is the other users that can't sudo up .
Vishu
Trusted Contributor

Re: i am getting an error when try to run sudo

Hi,

Just run visudo, it will automatically open the sudoers file for editing. You can find visudo with the command

# whereis visudo


PS: please assign points.
whiteSox
Frequent Advisor

Re: i am getting an error when try to run sudo

hostname/# whereis visudo
visudo:
OldSchool
Honored Contributor

Re: i am getting an error when try to run sudo

".... file because i can use
/usr/local/bin/sudo su - "
But it is the other users that can't sudo up .

that's going to depend on *what* you want to do? Do you have specific users that you want to have this ability or everbody (not recommended) or what?
OldSchool
Honored Contributor

Re: i am getting an error when try to run sudo

perhaps a better idea would be to define what these "other users" need to do, and give them the authority to do that, as opposed to simply giving them the ability to become root at will......
whiteSox
Frequent Advisor

Re: i am getting an error when try to run sudo

for example :

user01 hostname=NOPASSWD:ALL

unable to do /usr/local/bin/sudo su -

even when he is in the sudoers file ...
whiteSox
Frequent Advisor

Re: i am getting an error when try to run sudo

Is there a such a thing as trusted mode on tru64 ? Because i am still not sure why this is not working ?

hostname# su - user01
hostname> /usr/local/bin/sudo su -
You do not have permission to su root
Steven Schweda
Honored Contributor

Re: i am getting an error when try to run sudo

> Is there a such a thing as trusted mode on
> tru64 ?

Why ask about Tru64 in an HP-UX forum?

Why ask about "sudo" without giving any info
about which version, how it was built and/or
installed, and/or configured?
OldSchool
Honored Contributor

Re: i am getting an error when try to run sudo

"Is there a such a thing as trusted mode on tru64 ? Because i am still not sure why this is not working ?"

Don't know, and it really shouldn't matter. I believe that you've an error in the sudoers file. I appears that what you want is (where "hostname" is the actual name of the machine):

user01 hostname = ( root ) NOPASSWD: ALL

(allow user01 to become root, do anything w/o authentication

-- or possibly ----

user01 hostname = ( ALL ) NOPASSWD: ALL

(allow user01 to become anyone, do anything w/o authentication


I don't recommend either. Instead, figure out what "user01" needs to do (as whomever) and give them access to only that....
whiteSox
Frequent Advisor

Re: i am getting an error when try to run sudo

I added this line in the sudoers file and get the same error ...

user01 hostname=(ALL) NOPASSWD:ALL
OldSchool
Honored Contributor

Re: i am getting an error when try to run sudo

hmm....

I added the following on one of my boxes and it works as I described:

l00s7m fc000xsvms1=(ALL) NOPASSWD: ALL

my id (l00s7m) can do "sudo su -" on machine fc000xsvms1 (or anything else) without entering a password.

since you insist on munging the file, I can't tell if you entered the actual word "hostname" or the actual hostname of the machine (it should be the later).

You are using "visudo" to make these changes, right?
OldSchool
Honored Contributor

Re: i am getting an error when try to run sudo

make that:

my id (l00s7m) can do "sudo su -" (or anything else) on machine fc000xsvms1 (only) without entering a password, and I can bdecome any user....

whiteSox
Frequent Advisor

Re: i am getting an error when try to run sudo

I used the hostname meaning name of the server ...what else could cause that ??
OldSchool
Honored Contributor

Re: i am getting an error when try to run sudo

try it with

user01 ALL=(ALL) NOPASSWD: ALL


and see what happens...and post the actual error message(s) if any.

all I can tell you for sure is "it works for me" (on multiple platforms)
whiteSox
Frequent Advisor

Re: i am getting an error when try to run sudo

it is working ..That was not it ..the sudo command is owned by root:system so every one who can exceute this command should also be part of the system group in the /etc/groups file .Thank you all for your help...
Patrick Wallek
Honored Contributor

Re: i am getting an error when try to run sudo

>>root:system so every one who can exceute
>>this command should also be part of the
>>system group

No, not necessarily. Having everyone that needs sudo access be part of the system group could be bad anyway as that could give them access to things they don't need.

The permissions on sudo should be 'rwsr-xr-x' (at least on my HP-UX & Linux systems it is) which will allow anyone to run sudo.
whiteSox
Frequent Advisor

Re: i am getting an error when try to run sudo

it does not really matter if you give them the nopassword and ALL they have the access to the entire server any way...
OldSchool
Honored Contributor

Re: i am getting an error when try to run sudo

"it does not really matter if you give them the nopassword and ALL they have the access to the entire server any way..."


I'm not sure who that was directed at, but if

user01 (ALL)=....

worked, then you may have a name resolution issue, as in what does "hostname" return, the short name of FQDN.

Also the "nopassword" option means they don't have to provide their password when initially using sudo.

=======================

"they have the access to the entire server any way..."

And that doesn't bother you, or your security auditors?
whiteSox
Frequent Advisor

Re: i am getting an error when try to run sudo

The solution is already provided in the previous comment ..