Sudoers issue on 12.04 beta 4

[cesera]

Was directed here from the Ubuntu +1 forum.
I seem to have run into an issue with sudo on lubuntu 12.04 beta 2. I have added the following line to sudoers (using "sudo visudo"), but I still get prompted for a sudo password when using truecrypt or fsck.

Code:

userid    ALL=(ALL) NOPASSWD: /usr/bin/truecrypt, /sbin/fsck -a

I know there are security implications and things with that line, but the issue is that is should allow me to run truecrypt and fsck -a without typing in my password and it doesn't seem to work.

[matt_symes]

Hi

Was directed here from the Ubuntu +1 forum.
I seem to have run into an issue with sudo on lubuntu 12.04 beta 2. I have added the following line to sudoers (using "sudo visudo"), but I still get prompted for a sudo password when using truecrypt or fsck.

Code:

userid    ALL=(ALL) NOPASSWD: /usr/bin/truecrypt, /sbin/fsck -a

I know there are security implications and things with that line, but the issue is that is should allow me to run truecrypt and fsck -a without typing in my password and it doesn't seem to work.

This is from mine

Code:

matthew ALL=NOPASSWD: /usr/bin/apt-get, /usr/sbin/iotop

Check out

Code:

man sudoers

for more information. The man pages can be better than internet tutorials.

Kind regards

[Cheesemill]

Can you post your full /etc/sudoers file so we can take a look.

[cesera]

Here is a copy of my sudoers file, had to add the .txt extension to get it to upload. Most of the file is just the default file, I have only added the one line. I have had a long look at the man page and can't find anything wrong. I presume it is something simple that I have missed, so any clues would be appreciated.

Thanks,
Kees

[Cheesemill]

The only suggestion that I have is to try moving your added line to the bottom of the file, then log off / log on and try again.

Edit - Another suggestion, try removing the spaces so it reads as follows:

Code:

kees     ALL=(ALL)NOPASSWD:/usr/bin/truecrypt,/sbin/fsck -a

[Soul-Sing]

Code:

%truecrypt ALL=(root) NOPASSWD:/usr/bin/truecrypt

bottomline please

via

Code:

sudo visudo

[cesera]

The only suggestion that I have is to try moving your added line to the bottom of the file, then log off / log on and try again.

Edit - Another suggestion, try removing the spaces so it reads as follows:

Code:

kees     ALL=(ALL)NOPASSWD:/usr/bin/truecrypt,/sbin/fsck -a

Did both and that did the trick. Just don't understand why it has to be at the bottom of the file, have looked at the man page again and not sure what difference it makes in this case. I am not using any thing that needs to be set before I include it.

Thanks you very much.

[cesera]

Code:

%truecrypt ALL=(root) NOPASSWD:/usr/bin/truecrypt

bottomline please

That would work as well, but not for the 'fsck -a', which I like to include otherwise I have to enter my password whenever checking the truecrypt volumes.

Thanks for your help.

[Cheesemill]

Did both and that did the trick. Just don't understand why it has to be at the bottom of the file, have looked at the man page again and not sure what difference it makes in this case. I am not using any thing that needs to be set before I include it.

Thanks you very much.

Statements in the sudoers file get applied in the order the occur in the file, and override any conflicting statements above them. In your original attempt, the nopasswd statement was being applied properly, but then being overidden by the '%sudo ALL=(ALL:ALL) ALL' statement at the bottom of the file, which meant that anyone in the sudo group had to supply a passward for all commands.

Hope this makes sense

[cesera]

Statements in the sudoers file get applied in the order the occur in the file, and override any conflicting statements above them. In your original attempt, the nopasswd statement was being applied properly, but then being overidden by the '%sudo ALL=(ALL:ALL) ALL' statement at the bottom of the file, which meant that anyone in the sudo group had to supply a passward for all commands.

Hope this makes sense

That makes lots of sense. Thanks for clarifying that.