Results 1 to 6 of 6

Thread: /etc/sudoers configuration

  1. November 27th, 2012 #1
    Ed54_3
    Ed54_3 is offline First Cup of Ubuntu
    Join Date
    Jul 2008
    Beans
    9

    Post /etc/sudoers configuration

    I'm attempting to set up sudo to do two things: Allow all network admins root access, and allow anyone on the system to mount and unmount network shares. The closest I've gotten to this working is here:

    Code:
    #Allow all users to mount filesystems
ALL ALL=NOPASSWD: /bin/mount, /sbin/mount.cifs, /bin/umount

#Allow all admins sudo access
%DOMAIN\\admin_group ALL=(ALL) ALL
    The problem with this is that the previously listed line works, while the second doesn't. This happens when I switch their order as well. I need both parts working for linux to be usable in my workplace.
    Advanced reply Adv Reply  
  2. November 27th, 2012 #2
    Lars Noodén's Avatar
    Lars Noodén
    Lars Noodén is offline Ubuntu Member
    Join Date
    Sep 2006
    Beans
    8,627
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: /etc/sudoers configuration

    You need to put the actual name of your group after the %

    Code:
    %admin ALL=NOPASSWD: /bin/mount, /sbin/mount.cifs, /bin/umount
    Or are you trying to make this work with LDAP?
    Advanced reply Adv Reply  
  3. November 27th, 2012 #3
    Ed54_3
    Ed54_3 is offline First Cup of Ubuntu
    Join Date
    Jul 2008
    Beans
    9

    Re: /etc/sudoers configuration

    Yeah, using LDAP. I don't have access to the server however, and it would be a hassle to get someone to add sudo LDAP support on the server.
    Advanced reply Adv Reply  
  4. November 28th, 2012 #4
    rnerwein's Avatar
    rnerwein
    rnerwein is offline Dark Roasted Ubuntu
    Join Date
    Dec 2009
    Location
    germany
    Beans
    1,020
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: /etc/sudoers configuration

    Quote Originally Posted by Ed54_3 View Post
    I'm attempting to set up sudo to do two things: Allow all network admins root access, and allow anyone on the system to mount and unmount network shares. The closest I've gotten to this working is here:

    Code:
    #Allow all users to mount filesystems
ALL ALL=NOPASSWD: /bin/mount, /sbin/mount.cifs, /bin/umount

#Allow all admins sudo access
%DOMAIN\\admin_group ALL=(ALL) ALL
    The problem with this is that the previously listed line works, while the second doesn't. This happens when I switch their order as well. I need both parts working for linux to be usable in my workplace.
    by the side - in my opinion is
    ALL ALL=NOPASSWD: /bin/mount, /sbin/mount.cifs, /bin/umount

    audacious - precarious - hazardous
    "What is the robbing of a bank compared to the FOUNDING of a bank?" Berthold Brecht
    Advanced reply Adv Reply  
  5. November 29th, 2012 #5
    Ed54_3
    Ed54_3 is offline First Cup of Ubuntu
    Join Date
    Jul 2008
    Beans
    9

    Re: /etc/sudoers configuration

    You are right, this is perhaps insecure. Is there a better way of achieving the same result? This would also solve my problem since I would only need one line in /etc/sudoers then.
    Advanced reply Adv Reply  
  6. December 28th, 2012 #6
    Ed54_3
    Ed54_3 is offline First Cup of Ubuntu
    Join Date
    Jul 2008
    Beans
    9

    Re: /etc/sudoers configuration

    I solved this issue by using an alias as follows:

    Code:
    #Cmnd alias specification
Cmnd_Alias MOUNT_COMMANDS = /bin/mount, /sbin/mount.cifs, /bin/umount


#Allow all network admins root access
%DOMAIN\\admin_domain_group ALL=(ALL) ALL

#Allow all non-privileged users permission to mount filesystems
ALL ALL=NOPASSWD:MOUNT_COMMANDS
    I'm not entirely sure why this worked, and my previous attempt didn't, but my issue is resolved.
    Advanced reply Adv Reply  
« Previous Thread | Next Thread »

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Ubuntu Forums Code of Conduct