HPE Community
Operating System - HP-UX
1840181 Members
2768 Online
110162 Solutions
New Discussion

sudo problem

 
Todd McDaniel_1
Honored Contributor

‎05-16-2006 03:05 AM

‎05-16-2006 03:05 AM

sudo problem

I have an issue with sudo where a user gets this error.

"user NOT authorized on host"

Not exactly sure what that means, the user has access to the box and I have given them sudo permission to run the commands in /etc/sudoers.
Unix, the other white meat.
0 Kudos
Reply
9 REPLIES 9
A. Clay Stephenson
Acclaimed Contributor

‎05-16-2006 03:14 AM

‎05-16-2006 03:14 AM

Re: sudo problem

Look at the Host_Alias entries in your /etc/sudoers file.
If it ain't broke, I can fix that.
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

‎05-16-2006 03:15 AM

‎05-16-2006 03:15 AM

Re: sudo problem

Look at the Host_Alias and User_Alias entries in your /etc/sudoers file.
If it ain't broke, I can fix that.
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎05-16-2006 03:16 AM

‎05-16-2006 03:16 AM

Re: sudo problem

Hi Todd,

The command *must* be exactly what the user types. You can use wildcards, but the path & actual command must match that pattern.
Also most sudo rules apply to group perms so make sure the user is effectively in the proper group - i.e. if they're a member of several, they are presently in the proper one or you've set up netgroups to give them rights to all.

HTH,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Arunvijai_4
Honored Contributor

‎05-16-2006 03:33 AM

‎05-16-2006 03:33 AM

Re: sudo problem

Hi,

Perhaps, this could help http://www.ussg.iu.edu/UAU/advcomm/sudoers

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
Reply
Todd McDaniel_1
Honored Contributor

‎05-16-2006 03:38 AM

‎05-16-2006 03:38 AM

Re: sudo problem

So far as I know, We have never used any alias of any type.

I have the full path in the entry but with no options, that should give them the access to run it with any options they choose.

The user is only in one group.



Unix, the other white meat.
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎05-16-2006 03:51 AM

‎05-16-2006 03:51 AM

Re: sudo problem

OK - I suspect it's in the sudoers file itself - section should look like:

User_Alias SUDO_NAME = %group_name1, %group_name2
Cmnd_Alias SUDO_CMD_NAMES = \
/path/to/first/command, \
/path/to/second/commnd, \
/path/to/final/command
SUDO_NAME ALL = (root) SUDO_CMD_NAMES

Note the need for commas after group definitions & commas/backslashes as well after all but the last command and the actual definitions at the end of the section.

It's easy to miss one of these.

HTH,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Todd McDaniel_1
Honored Contributor

‎05-16-2006 04:07 AM

‎05-16-2006 04:07 AM

Re: sudo problem

This is the format we have used for a long time and I have never had an issue with it.

user1 ALL=(ALL) NOPASSWD:/path/to/command
Unix, the other white meat.
0 Kudos
Reply
Darrel Louis
Honored Contributor

‎05-16-2006 09:01 AM

‎05-16-2006 09:01 AM

Re: sudo problem

Todd,

Are you sure that there are no duplicate user-id's in your passwd or group file.
Does your syntax work for another user?

Can you do the following:
- id
- pwck
- grpck

Darrel
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎05-16-2006 09:22 AM

‎05-16-2006 09:22 AM

Re: sudo problem

Check for duplicate IDs with:

logins -d


Bill Hassell, sysadmin
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.