HPE Community
Operating System - HP-UX
1833788 Members
2116 Online
110063 Solutions
New Discussion

sudo for route adds

 
SOLVED
Go to solution
someone_4
Honored Contributor

‎04-26-2002 12:23 PM

‎04-26-2002 12:23 PM

sudo for route adds

Hi everyone,
I am trying to configure sudo so a Net admin can do a route add. I installed sudo version 1.6.2b1 and used the visudo command to try to configure it.

It looks like this:

# Host alias specification
Host_Alias LUPUS = lupus
# User alias specification
User_Alias OPERATOR = rleon2
# Cmnd alias specification

# User privilege specification
root ALL=(ALL) ALL
OPERATOR LUPUS = /usr/sbin/route
rleon2 ALL=/usr/sbin/route

But when I log in as rleon2 to test and see if i can do a route add. I get the error

Sorry, sudo must be setuid root.

What am i missing?

thanks,
- Richard
0 Kudos
Reply
8 REPLIES 8
S.K. Chan
Honored Contributor

‎04-26-2002 12:30 PM

‎04-26-2002 12:30 PM

Solution

Re: sudo for route adds

Chmod your sudo program ..

# chmod 4111 sudo

SUID bit got to be set.

Reply
Hai Nguyen_1
Honored Contributor

‎04-26-2002 12:31 PM

‎04-26-2002 12:31 PM

Re: sudo for route adds

Richard,

Check the mode bit of sudo.
It should ---s--x--x.
Otherwise, do this to set setuid as root.
# chmod 4111 sudo

Hai
Reply
someone_4
Honored Contributor

‎04-26-2002 12:32 PM

‎04-26-2002 12:32 PM

Re: sudo for route adds

lol
I did

#chmod u+s sudo

and now it works it gives me
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these two things:

#1) Respect the privacy of others.
#2) Think before you type.

Password:
usage: add destination [netmask mask] gateway [metric]

..

How do I take that message off?

And in visudo

do i have to specify each augument?

- Richard

0 Kudos
Reply
Michael Tully
Honored Contributor

‎04-26-2002 12:32 PM

‎04-26-2002 12:32 PM

Re: sudo for route adds

Richard,

This certainly seems a permissions problem with either you 'sudo' binary or the /etc/sudoers file itself.

The permissions on /etc/sudoers should be

440 root root

I am sure someone can find the correct permission on the binary (working at home)

Cheers
~Michael~
Anyone for a Mutiny ?
0 Kudos
Reply
Sachin Patel
Honored Contributor

‎04-26-2002 12:40 PM

‎04-26-2002 12:40 PM

Re: sudo for route adds

Hi richard,
No you don't have to specify all arguments in /etc/sudoers file.
operator can run it like
sudo /usr/sbin/route arguments.....

Sachin
Is photography a hobby or another way to spend $
Reply
S.K. Chan
Honored Contributor

‎04-26-2002 12:56 PM

‎04-26-2002 12:56 PM

Re: sudo for route adds

I think the only way to not display the message is to set NOPASSWD in the /etc/sudoers file for a specific user. I'm not sure since I've never done that before. Check the "NOPASSWD and PASSWD" section in this URL ..

http://www.courtesan.com/sudo/man/sudoers.html
Reply
someone_4
Honored Contributor

‎04-26-2002 01:00 PM

‎04-26-2002 01:00 PM

Re: sudo for route adds

All that worked and Mr. S.K that is the way to stop the message.

Richard
0 Kudos
Reply
Ed Sampson
Frequent Advisor

‎04-29-2002 09:44 AM

‎04-29-2002 09:44 AM

Re: sudo for route adds

The sudo warning message should only occur on the 1st usage for each user. After the user has a time stamp in the logs it should not appear again. I personally would not turnoff the passwd option, but that's up to up.

Ed
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.