HPE Community
Operating System - Linux
1827892 Members
1923 Online
109969 Solutions
New Discussion

Re: Serious Sudo Help!

 
SOLVED
Go to solution
Qcheck
Super Advisor

‎01-28-2011 08:01 AM

‎01-28-2011 08:01 AM

Serious Sudo Help!

On linux 5.4, I would like to setup the sudo for the user, so that user can restart the ntpd. I did setup as follows:

# visudo
Host_Alias LINUXHELP = test_server
User_Alias USERS = tester
Cmnd_Alias SERVICES = /etc/init.d/ntpd restart

USERS LINUXHELP = SERVICES

-----------------------------------------------
Saved the above and tried to login to the node as the user. And ran the following, however errored out:

[Test_Server: /home/tester]# sudo -u tester'/etc/init.d/ntpd restart'
tester is not allowed to run sudo on test_server. This incident will be reported.

-----------------------------------------------
The /var/log/secure file reports the following:

Jan 28 10:55:17 test_server sudo: tester: user NOT authorized on host ; TTY=pts/2 ; PWD=/home/tester ; USER=tester; COMMAND=/etc/init.d/ntpd restart


+++++++++++++++++++++++++++++++++++++++++

Please help me to fix. I did this before, and not sure hy it is not working. What am I doing wrong?

Thank you in an advance!
0 Kudos
4 REPLIES 4
Matti_Kurkela
Honored Contributor

‎01-28-2011 08:57 AM

‎01-28-2011 08:57 AM

Re: Serious Sudo Help!

# sudo -u tester'/etc/init.d/ntpd restart'

Based on a quick bit of testing on RHEL 5.5,
sudo seems to regard the quoted and unquoted versions as two different commands. Try without the quotes:

# sudo -u tester /etc/init.d/ntpd restart

If that does not work either, please run "sudo -l" as user "tester". If it does not list "/etc/init.d/ntpd restart" as an allowed command, it might be a hostname lookup mismatch. The hostname (or Host_alias) must exactly match the output of the "hostname" command.

MK
MK
0 Kudos
Qcheck
Super Advisor

‎01-31-2011 12:23 PM

‎01-31-2011 12:23 PM

Re: Serious Sudo Help!

MK, Thank you for the response. However, still doesn't work. Please find the following:

[test_server: /home/tester]# sudo -l
[sudo] password for tester:

User tester may run the following commands on this host:
(root) /etc/init.d/ntpd restart
[test_server: /home/tester]# sudo -u tester /etc/init.d/ntpd restart
Sorry, user tester is not allowed to execute '/etc/init.d/ntpd restart' as tester on test_server.
[test_server: /home/teser]# hostname
tester
[test_server: /home/tester]#

Please guide.

Thank you.
0 Kudos
Zinky
Honored Contributor

‎01-31-2011 01:21 PM

‎01-31-2011 01:21 PM

Solution

Re: Serious Sudo Help!

User tester may run the following commands on this host:
(root) /etc/init.d/ntpd restart

Your SUDO rights means user tester is allowed to run that command with "root" priviliges.

So:

tester% sudo /etc/init.d/ntpd restart

should do it. It will however prompt for tester's password.



Hakuna Matata

Favourite Toy:
AMD Athlon II X6 1090T 6-core, 16GB RAM, 12TB ZFS RAIDZ-2 Storage. Linux Centos 5.6 running KVM Hypervisor. Virtual Machines: Ubuntu, Mint, Solaris 10, Windows 7 Professional, Windows XP Pro, Windows Server 2008R2, DOS 6.22, OpenFiler
0 Kudos
Qcheck
Super Advisor

‎02-01-2011 09:08 AM

‎02-01-2011 09:08 AM

Re: Serious Sudo Help!

Alzhy, Thank you for the help. I know, I didn't realize I was using the command sudo -u, being the user as tester. Without the option "u" it worked.

Thank you, again.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.