On Apr 28, 2011, at 12:42 PM, John B Brown wrote: > Dear Alex, > > In the original source for sudo there is a configure condition that > must be met for group members; > > "--with-exempt=group no passwd needed for users in this group" > > Which condition do you think Apple set for this? Your group 'sudoers' > or 'wheel' or some other condition? I suspect this condition is unset as > delivered by Apple. > > Or, possibly, this original configuration is unnecessary? Just a waste > of programming space? > > Some errors come from reworking an original program for proprietary > motives, and ignoring the original configuration conditions. The group I use > for purposes of system maintenance is 'wheel.' The original version includes > in a sudoers script; > > " > # Uncomment to allow people in group wheel to run all commands > # %wheel ALL=(ALL) ALL > > # Same thing without a password > # %wheel ALL=(ALL) NOPASSWD: ALL > " > > Uncommenting the wheel lines in sudoers using the Apple delivered sudo > does not provide NOPASSWD action for group 'wheel.' Compiling original source > with '--with-exempt=wheel' provides wheel with NOPASSWD action. Under that > condition /etc/sudoers seems to work correctly. Apples compile seems not to > provide that correct action. > > Myself, I don't use those 'wheel' lines in sudoers. I set my user for > the second condition above. That way, as member of group wheel, I get to use > sudo without a password because I compile sudo source using > --with-exempt=wheel. Otherwise, I will be asked for a password. > > Or maybe its an Apple OS group permissions thing and mine are not > correctly set?
John, I don't have this NOPASSWD issue. Did you add yourself to the wheel group? pillbox:pixilla brad$ sudo which sudo /usr/bin/sudo pillbox:pixilla brad$ sudo grep -E "^%wheel" /etc/sudoers %wheel ALL=(ALL) NOPASSWD: ALL pillbox:pixilla brad$ dscl localhost -read /Local/Default/Groups/wheel | grep GroupMembership GroupMembership: root brad Regards, Bradley Giesbrecht (pixilla) _______________________________________________ macports-users mailing list [email protected] http://lists.macosforge.org/mailman/listinfo.cgi/macports-users
