Page 2 of 6 FirstFirst 1234 ... LastLast
Results 11 to 20 of 51

Thread: HowTO: Sudoers Configuration

  1. #11
    Join Date
    Jan 2008
    Beans
    4,757

    Re: HowTO: Sudoers Configuration

    Quote Originally Posted by acrane1 View Post
    i get /bin/mount ; acrane1 ; and Crane3
    Well, I get no problems using that combination, I would say that that may be because I use an upstream version of sudo, but I have my doubts.

    Does it work when you tried out what was originally suggested to you?
    Code:
    Cmnd_Alias MYCMD=/bin/mount
    acrane1 ALL=NOPASSWD: MYCMD
    Also, what type of script are you using, and how are you running it?

    Regards
    Iain

  2. #12
    Join Date
    Jan 2008
    Location
    VA
    Beans
    29
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HowTO: Sudoers Configuration

    No it doesn't work with the originally suggested code. The script section is
    #!/bin/sh
    sudo mount /dev/sdf1 /media/Xtreme\ Drive
    sudo mount /dev/sdc1 /media/Barracuda

    The script works, it is being used as a start up script. When I run the script I am prompted for a password, once I type it in then they mount.

    So from what I've shown you, my visudo file looks correct? and it should be working?

  3. #13
    Join Date
    Jan 2008
    Beans
    4,757

    Re: HowTO: Sudoers Configuration

    Quote Originally Posted by acrane1 View Post
    No it doesn't work with the originally suggested code. The script section is
    #!/bin/sh
    sudo mount /dev/sdf1 /media/Xtreme\ Drive
    sudo mount /dev/sdc1 /media/Barracuda

    The script works, it is being used as a start up script. When I run the script I am prompted for a password, once I type it in then they mount.

    So from what I've shown you, my visudo file looks correct? and it should be working?
    There should be no issue whatsoever.

    Just ensure that the path is /bin/mount and the line that grants you permissions to execute it without a password is at the very bottom of the configuration file, and that should be it.

    If you are certain that everything is right, post the output of:
    Code:
    sudo -l
    if you are still having problems.

    Regards
    Iain

  4. #14
    Join Date
    Jan 2008
    Location
    VA
    Beans
    29
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HowTO: Sudoers Configuration

    I get
    User acrane1 may run the following commands on this host:
    (ALL) ALL

  5. #15
    Join Date
    Jan 2008
    Beans
    4,757

    Re: HowTO: Sudoers Configuration

    hmmm... that is definitely not set then.
    only one way to find out for sure what is going on.
    Code:
    sudo cat /etc/sudoers
    Regards
    Iain

  6. #16
    Join Date
    Jan 2008
    Location
    VA
    Beans
    29
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HowTO: Sudoers Configuration

    I edited my visudo to
    # Uncomment to allow members of group sudo to not need a password
    # %sudo ALL=NOPASSWD: ALL

    # Host alias specification

    # User alias specification

    # Cmnd alias specification

    # User privilege specification
    root ALL=(ALL) ALL
    # Members of the admin group may gain root privileges
    %admin ALL=(ALL) ALL
    acrane1 ALL=NOPASSWD:/bin/umount
    acrane1 ALL=NOPASSWD:/bin/mount

    now sudo -l outputs

    User acrane1 may run the following commands on this host:
    (ALL) ALL
    (root) NOPASSWD: /bin/umount
    (root) NOPASSWD: /bin/mount

    It is now working. Thanks for all your help

  7. #17
    Join Date
    Jan 2008
    Beans
    4,757

    Re: HowTO: Sudoers Configuration

    Heh, thanks.

    I suppose you ultimately figured it out yourself though, and that is what counts.

  8. #18
    Join Date
    May 2006
    Beans
    33

    Re: HowTO: Sudoers Configuration - allow chmod in specific path?

    Is it possible to restrict commands to specific paths?

    I am looking for a way to allow users to chown and chmod certain files and directories, IF they are under a specific directory.

    For example:

    Code:
    sudo chown -R -c :webmasters /docs/www
    should be allowed. But NOT other directories like

    Code:
    sudo chown -R -c :users /etc
    Is this possible with sudo?

    Thanks.

  9. #19
    Join Date
    Jan 2008
    Beans
    4,757

    Re: HowTO: Sudoers Configuration - allow chmod in specific path?

    Quote Originally Posted by rduke15 View Post
    Is it possible to restrict commands to specific paths?

    I am looking for a way to allow users to chown and chmod certain files and directories, IF they are under a specific directory.

    For example:

    Code:
    sudo chown -R -c :webmasters /docs/www
    should be allowed. But NOT other directories like

    Code:
    sudo chown -R -c :users /etc
    Is this possible with sudo?

    Thanks.
    If I understand you correctly, I think this outside of the scope of what sudo can do. So I would have to say that no this is not possible using sudo.

    To answer your problem, though, I would use Linux ACL (Access Control Lists) to do that sort of thing.

    With access control lists, you can set permissions of files and directories on a "per user" or "per group" basis.

    To implement it into your system, add "acl" to fstab, so it may look like the following:
    Code:
    UUID=b3d3d8f2  /  ext4  relatime,errors=remount-ro,acl  0  1
    Then remount the partition:
    Code:
    sudo mount -o remount /
    A simple application to set such permissions is eiciel
    Code:
    sudo apt-get install eiciel
    If setup correctly, you do not need to use sudo to carry out what you want to do.

    Regards
    Iain
    Last edited by ibuclaw; June 25th, 2009 at 05:11 PM.

  10. #20
    Join Date
    Dec 2008
    Location
    australia
    Beans
    210
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: HowTO: Sudoers Configuration

    i have just actadently blocked all access to sudo exept for apt-get this whould have been alright for what i wanted to use update manager too and i also forgot to make a sudo user that can edit these things
    is there any way out of this
    thanks

Page 2 of 6 FirstFirst 1234 ... LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •