HPE Community
Operating System - HP-UX
1847704 Members
4320 Online
110265 Solutions
New Discussion

sudo

 
Cheung_2
Frequent Advisor

‎01-14-2003 12:50 AM

‎01-14-2003 12:50 AM

sudo

I would like to let the user "edp_usr" to run "ll"
as root, I have add the below line to file /etc/sudoers
" edp_usr gzip=/bin/ll" ,

then the user "edp_usr" try to run the below statement, the system ask to input the password, can suggest what is wrong in my setting? thx.
#whoami
edp_usr
# sudo ll /tmp
Password:
Andy
0 Kudos
Reply
9 REPLIES 9
nibble
Super Advisor

‎01-14-2003 01:04 AM

‎01-14-2003 01:04 AM

Re: sudo

clarification, what is "ll"? is that the "ls -l" command?
0 Kudos
Reply
Jerome Baron
Respected Contributor

‎01-14-2003 01:08 AM

‎01-14-2003 01:08 AM

Re: sudo

Hi,

You have not insert the nopasswd option
edp_usr gzip=NOPASSWD:/bin/ll

http://www.courtesan.com/sudo/man/sudoers.html#nopasswd%20and%20passwd

Regards,
Jerome
0 Kudos
Reply
Ravi_8
Honored Contributor

‎01-14-2003 01:18 AM

‎01-14-2003 01:18 AM

Re: sudo

Hi,

By default, sudo requires that a user authenticate him or herself before running a command. This can be modified via the NOPASSWD tag.
edp_usr = NOPASSWD /bin/ll
would allow the user edp_usr to run /bin/ll as root without authenticating himself.
never give up
0 Kudos
Reply
Rainer von Bongartz
Honored Contributor

‎01-14-2003 01:21 AM

‎01-14-2003 01:21 AM

Re: sudo

The behaviour is totally correct !!


sudo requires that a user has to enter his password before he can run the defined commands

You can change this with the NOPASSWD option.

Regards
Rainer

He's a real UNIX Man, sitting in his UNIX LAN making all his UNIX plans for nobody ...
0 Kudos
Reply
Jochen Heuer
Respected Contributor

‎01-14-2003 01:30 AM

‎01-14-2003 01:30 AM

Re: sudo

Hi Cheung,

give some points to correct answers:

This member has assigned points to 98 of 175 responses to his/her questions.
Well, yeah ... I suppose there's no point in getting greedy, is there?
0 Kudos
Reply
Cheung_2
Frequent Advisor

‎01-14-2003 01:49 AM

‎01-14-2003 01:49 AM

Re: sudo

thx all reply, but it still ask password after add the word "NOPASSWD" ,
my statement is /etc/sudoers is "edp_usr ll = NOPASSWD: /bin/ll" , then the user "edp_usr" run "sudo ll /tmp" , it still ask password, can suggest what is wrong? thx.
Andy
0 Kudos
Reply
Jerome Baron
Respected Contributor

‎01-14-2003 02:17 AM

‎01-14-2003 02:17 AM

Re: sudo

have you not an alias to your profile (alias ll=ls -l)
try sudo /bin/ll

Jerome
0 Kudos
Reply
Scott Corzine
Advisor

‎01-15-2003 06:28 PM

‎01-15-2003 06:28 PM

Re: sudo

You should use:

edp_usr ALL = NOPASSWD: /bin/ll

If you want edp_usr to be able to use this without specifying the user's passwd on any host this is installed on. If you want to restrict it to a specific host, replace the "ALL" above with your hostname as returned by `hostname` (see the man page for some more details).

Both of your examples:

edp_usr gzip=/bin/ll

edp_usr ll=NOPASSWD:/bin/ll

Have the same mistake, by putting a command name BEFORE the "=" you've stated that these permissions are only valid on the hosts named "gzip" and "ll" respectively.

The command "sudo -l" may be helpfull in checking complex configurations.


Hope this helps,
-Scott-
0 Kudos
Reply
Matthew Ghofrani
Regular Advisor

‎10-25-2006 05:44 AM

‎10-25-2006 05:44 AM

Re: sudo

Try using this format:

edg_usr ALL=(root) NOPASSWD:/bin/ll , /bin/another_command , and so on

Matthew From Boston
Life is full of bugs
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.