Help - Search - Members - Calendar
Full Version: Sudo Help
Linuxhelp > Support > Technical Support
nuthead
Hi,
I have just purchased a Linux box for my web hosting business and need to run one command with extended permissions. The perfect way to do this seemed to be with Sudo but I've run in to some difficulty. I've been testing with a local account set up on the server and I'm connecting through SSH. Below is my sudoers file and the command im running:

CODE
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification

# Cmnd alias specification
Cmnd_Alias CRUTILS = /usr/local/psa/bin

# Defaults specification

# User privilege specification
root    ALL=(ALL) ALL
james   ALL=NOPASSWD: CRUTILS

# Uncomment to allow people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL


CODE
sudo /usr/local/psa/bin/client.sh

I first of all get prompted for a password (i thought NOPASSWD was meant to stop this prompt) and then i get the error
CODE
Sorry, user james is not allowed to execute '/usr/local/psa/bin/client.sh' as root on xxxx.

if i do a sudo -l i get:
CODE
User james may run the following commands on this host:
   (root) NOPASSWD: /usr/local/psa/bin


I don't think I've missed anything here! Any help will be greatly appreciated.
nifflerX
I am not positive about this, but you might need this line:

CODE
james   ALL=(ALL)         NOPASSWD: CRUTILS


instead of:

CODE
james   ALL=NOPASSWD: CRUTILS


HTH.


-NifflerX
nuthead
i tried that too sad.gif
nuthead
anyone else?
hughesjr
You didn't say which linux disto ... my advise is with Sudo version 1.6.7p5 on a RHEL box....

try this for sudoers:
QUOTE
james  machine_name = NOPASSWD: /usr/local/psa/bin/client.sh


Replace the machine_name with the result of the command hostname

Also ... you might need to do any items the script /usr/local/psa/bin/client.sh that has to be run as root. Let's say it runs /usr/sbin/useradd and /usr/bin/passwd (in root mode) ... so we might need this as the sudoers file:

QUOTE
james  machine_name = NOPASSWD: /usr/local/psa/bin/client.sh, /usr/sbin/useradd, /usr/bin/passwd
nuthead
ok, i'll give them a go.Thanks!

by the way it is rhel3 with Sudo 1.6.7p5
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2017 Invision Power Services, Inc.