So I have this centos 5.10 box which authenticates network users
against ldap(authorizing)+kerberos(authentication). And I now would
like to have sudo be able to allow admins (netgroup chinbeards) to
sudo about. I am not using sssd though (yet).
Here is the output of me trying sudo (debug on):
On Sun, Jan 19, 2014 at 6:12 PM, Mauricio Tavares raubvo...@gmail.com wrote:
So I have this centos 5.10 box which authenticates network users
against ldap(authorizing)+kerberos(authentication). And I now would
like to have sudo be able to allow admins (netgroup chinbeards) to
sudo about. I am
Consider using the NOPASSWD option, on the remote systems, to allow this
particular use to run this particular script.
--
Mike Burger
http://www.bubbanfriends.org
It's always suicide-mission this, save-the-planet that. No one ever just
stops by to say 'hi' anymore. --Colonel Jack O'Neill, SG1
Consider using the NOPASSWD option, on the remote systems, to allow this
particular use to run this particular script.
--
Mike Burger
http://www.bubbanfriends.org
It's always suicide-mission this, save-the-planet that. No one ever just
stops by to say 'hi' anymore. --Colonel Jack O'Neill, SG1
Some notes:
Every time you echo $?, you are wiping out the return status (because
echo returns a success and changes $? to 0), so none of your if statements
will ever catch any errors.
Consider getting rid of the 'if' subtrees by negating your condition, which
will make it much easier to
Hello list,
I took another stab at finding a way to add a sudo user remotely and it
gets you most of the way there. If you execute the script as root it works
beautifully and does just what you want. Which is add the user to the
group and gives that user group rights to certain commands.
But
Hi.
I have a user that I want to limit to only running a couple of commands ...
As in here user just copy and paste where needed , sorry thats all your
allowed to do ... but thus far I can't get the syntax correct for the
sudoers file
line 115| greg ALL = /bin/chmod -R o+rx /opt
line 116|
On Fri, Nov 09, 2012 at 11:37:34AM +1300, Gregory Machin wrote:
line 117| greg ALL = /bin/chown -R root:root /opt
line 118| greg ALL = /usr/bin/setfact -R -m u:greg.reeve:rwx /opt
line 119| greg ALL = /usr/bin/setfact -d -R -m u:greg.reeve:rwx /opt
Try putting a \ in front of all
On Tue, Sep 20, 2011 at 1:48 PM, John Doe jd...@yahoo.com wrote:
Tried with -- ?
Maybe replace the last * with [! ]*
doesn't work. Any other idea?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
From: Sven Aluoor alu...@gmail.com
On Tue, Sep 20, 2011 at 1:48 PM, John Doe jd...@yahoo.com wrote:
Tried with -- ?
Maybe replace the last * with [! ]*
doesn't work. Any other idea?
I tried the following in /etc/sudoers:
myuser ALL=/o*/te*
And cat /opt/test
#!/bin/bash
echo $*
Hi folks
I allow the user tommy to run this command as root
sudoCommand: /app/appname/connectors/*/*/current/bin/*
With sudo -l he sees the sudoers, but is unable to execute.
$ sudo /app/appname/connectors/zur/namename/current/bin/othername
agentsvc --i --u root --sn 1m7command
Sorry, user
From: Sven Aluoor alu...@gmail.com
I allow the user tommy to run this command as root
sudoCommand: /app/appname/connectors/*/*/current/bin/*
$ sudo /app/appname/connectors/zur/namename/current/bin/othername
agentsvc --i --u root --sn 1m7command
Sorry, user tommy is not allowed to execute
On Wed, Jul 27, 2011 at 7:39 AM, Craig White craigwh...@azapple.com wrote:
On Tue, 2011-07-26 at 15:59 -0500, Trey Dockendorf wrote:
Well I verified that putting the following line in /etc/sudoers works
zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet
However if I put it in
On Tue, 2011-07-26 at 15:59 -0500, Trey Dockendorf wrote:
Well I verified that putting the following line in /etc/sudoers works
zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet
However if I put it in /etc/sudoers.d/zabbix-puppet it does not.
Exact same spacing and everything.
Well I verified that putting the following line in /etc/sudoers works
zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet
However if I put it in /etc/sudoers.d/zabbix-puppet it does not. Exact same
spacing and everything.
The file was created with Puppet , and based on these errors I'm at a
I am unable to get the #includedir function to work with sudo. This works
just fine on all my CentOS 5.6 servers, but on 6 it is being ignored. I
have this line in the file /etc/sudoers.d/zabbix-puppet
zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet
However sudo still requires a
Correction, seems to be broken in 5.6 as well...I also had this interesting
argument with sudo...
# visudo -c -f /etc/sudoers.d/zabbix-puppet
/etc/sudoers.d/zabbix-puppet: syntax error near line 0
parse error in /etc/sudoers.d/zabbix-puppet near line 0
(((NOTE: I made absolutely no changes ,
On Mon, Jul 25, 2011 at 7:41 PM, Trey Dockendorf treyd...@gmail.com wrote:
I am unable to get the #includedir function to work with sudo. This works
just fine on all my CentOS 5.6 servers, but on 6 it is being ignored. I
have this line in the file /etc/sudoers.d/zabbix-puppet
zabbix
On 07/25/11 4:41 PM, Trey Dockendorf wrote:
I am unable to get the #includedir function to work with sudo. This
works just fine on all my CentOS 5.6 servers, but on 6 it is being
ignored. I have this line in the file /etc/sudoers.d/zabbix-puppet
zabbix ALL=NOPASSWD:
Hi,
I have a confusing problem. I have two centos 5,5 boxes. Both have
sudo.i3861.7.2p1-9.el5_5
installed
I am using the same sudoers file, but the one on box A keeps trying to
do DNS lookups
while the one on box B does not. How do I disable
Maybe I am missing something here.. but what does 'sudo' have to do with
DNS resolution?
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
Behalf Of Steve Clark
Sent: Friday, December 10, 2010 7:44 AM
To: CentOS mailing list
Subject: [CentOS] sudo doing DNS lookup
Hi
list
*Subject:* [CentOS] sudo doing DNS lookup
Hi,
I have a confusing problem. I have two centos 5,5 boxes. Both have
sudo.i3861.7.2p1-9.el5_5
installed
I am using the same sudoers file, but the one on box A keeps trying to
do DNS lookups
while
From: Steve Clark scl...@netwolves.com
I have a confusing problem. I have two centos 5,5 boxes. Both have
sudo.i3861.7.2p1-9.el5_5
installed
I am using the same sudoers file, but the one on box A keeps trying to do DNS
lookups
while the one on box B
On 12/10/2010 09:04 AM, John Doe wrote:
From: Steve Clarkscl...@netwolves.com
I have a confusing problem. I have two centos 5,5 boxes. Both have
sudo.i3861.7.2p1-9.el5_5
installed
I am using the same sudoers file, but the one on box A keeps trying
On Fri, 10 Dec 2010, Steve Clark wrote:
it hangs for a long time, this is when I don't have connection to the net,
if I have connection there is just a slight pause while tries to do the DNS
lookup.
What makes you sure it's a DNS lookup that causes the long hang when there's
no network
On Fri, Dec 10, 2010 at 02:53:19PM +, John Hodrien wrote:
On Fri, 10 Dec 2010, Steve Clark wrote:
it hangs for a long time, this is when I don't have connection to the net,
if I have connection there is just a slight pause while tries to do the DNS
lookup.
What makes you sure it's
From: Steve Clark scl...@netwolves.com
Without the:
Defaults fqdn
it hangs for a long time, this is when I don't have connection to the net,
if I have connection there is just a slight pause while tries to do the DNS
lookup.
Did you compare the following files between both servers?
On Fri, 10 Dec 2010, Scott Robbins wrote:
Just to eliminate other possibilities--are either of these
authenticating against an LDAP server?
That was entirely the line I was probing. nsswitch.conf would be telling.
jh
___
CentOS mailing list
On Fri, Dec 10, 2010 at 8:43 AM, Steve Clark scl...@netwolves.com wrote:
I have a confusing problem. I have two centos 5,5 boxes. Both have
sudo.i386 1.7.2p1-9.el5_5
installed
I am using the same sudoers file, but the one on box A keeps trying to do
DNS
On 12/10/2010 10:40 AM, Tom H wrote:
On Fri, Dec 10, 2010 at 8:43 AM, Steve Clarkscl...@netwolves.com wrote:
I have a confusing problem. I have two centos 5,5 boxes. Both have
sudo.i3861.7.2p1-9.el5_5
installed
I am using the same sudoers file, but the one
On Fri, Dec 10, 2010 at 2:23 PM, Steve Clark scl...@netwolves.com wrote:
On 12/10/2010 10:40 AM, Tom H wrote:
On Fri, Dec 10, 2010 at 8:43 AM, Steve Clark scl...@netwolves.com wrote:
I have a confusing problem. I have two centos 5,5 boxes. Both have
sudo.i386
On Fri, Dec 10, 2010 at 8:43 AM, Steve Clark scl...@netwolves.com wrote:
Hi,
I have a confusing problem. I have two centos 5,5 boxes. Both have
sudo.i386 1.7.2p1-9.el5_5
installed
I am using the same sudoers file, but the one on box A keeps trying to do
DNS
From: David Goldsmith dgoldsm...@sans.org
On the first server (CentOS 5.4 i386) running sudo 1.6.9pl7-5 (from
base), here are the results of touching a file as a user, as root and as
a user sudoing to root:
On the second server (CentOS x86-64) running sudo 1.7.2p1-7 (from
updates), here
On 10/8/2010 4:42 AM, John Doe wrote:
From: David Goldsmith dgoldsm...@sans.org
On the first server (CentOS 5.4 i386) running sudo 1.6.9pl7-5 (from
base), here are the results of touching a file as a user, as root and as
a user sudoing to root:
On the second server (CentOS x86-64)
David Goldsmith wrote on 10/08/2010 09:09 AM:
...
Since the sudo 1.6.9 systems don't like seeing that line in their config
file, I either need to get all the systems upgraded to 1.7.2 or modify
Puppet to push different versions of the /etc/sudoers depending on what
version of sudo is
On Thu, Oct 7, 2010 at 11:35 PM, David Goldsmith dgoldsm...@sans.org wrote:
On 10/7/2010 9:59 PM, Tom H wrote:
On Thu, Oct 7, 2010 at 9:48 PM, David Goldsmith dgoldsm...@sans.org wrote:
On 10/7/2010 9:25 PM, Tom H wrote:
On Thu, Oct 7, 2010 at 7:20 PM, David Goldsmith dgoldsm...@sans.org
Two servers, each have normal user umask values of 0077 and root umask
values on 0022.
On the first server (CentOS 5.4 i386) running sudo 1.6.9pl7-5 (from
base), here are the results of touching a file as a user, as root and as
a user sudoing to root:
user: touch file- result is 600
On Thu, Oct 7, 2010 at 7:20 PM, David Goldsmith dgoldsm...@sans.org wrote:
Two servers, each have normal user umask values of 0077 and root umask
values on 0022.
On the first server (CentOS 5.4 i386) running sudo 1.6.9pl7-5 (from
base), here are the results of touching a file as a user, as
On 10/7/2010 9:25 PM, Tom H wrote:
On Thu, Oct 7, 2010 at 7:20 PM, David Goldsmith dgoldsm...@sans.org wrote:
Two servers, each have normal user umask values of 0077 and root umask
values on 0022.
On the first server (CentOS 5.4 i386) running sudo 1.6.9pl7-5 (from
base), here are the results
On Thu, Oct 7, 2010 at 9:48 PM, David Goldsmith dgoldsm...@sans.org wrote:
On 10/7/2010 9:25 PM, Tom H wrote:
On Thu, Oct 7, 2010 at 7:20 PM, David Goldsmith dgoldsm...@sans.org wrote:
Two servers, each have normal user umask values of 0077 and root umask
values on 0022.
On the first server
On 10/7/2010 9:59 PM, Tom H wrote:
On Thu, Oct 7, 2010 at 9:48 PM, David Goldsmith dgoldsm...@sans.org wrote:
On 10/7/2010 9:25 PM, Tom H wrote:
On Thu, Oct 7, 2010 at 7:20 PM, David Goldsmith dgoldsm...@sans.org wrote:
Two servers, each have normal user umask values of 0077 and root umask
Em 24-02-2010 00:22, David McGuffey escreveu:
I've done everything stated in the various guidance to get a regular
user to use virt-manager (graphical Virtual Machine Manager) under
CentOS 5.4 with KVM. Placing the user in the kvm group and changing
permissions on several files to include kvm
I've done everything stated in the various guidance to get a regular
user to use virt-manager (graphical Virtual Machine Manager) under
CentOS 5.4 with KVM. Placing the user in the kvm group and changing
permissions on several files to include kvm has not worked...the user
still needs to enter
On Fri, 23 Oct 2009 11:18:56 +0530
vijay shanker wrote:
if it expects my own password then why not i can execute these command
without giving sudo as prefix.
Because sudo is the program that gives you the rights to execute certain
commands as root without actually being the root user. If you
At Fri, 23 Oct 2009 10:50:38 +0530 CentOS mailing list centos@centos.org
wrote:
Hi guys,
Thanks
What i am trying to achieve is; when executing
# sudo make install
Password:*
this password entered is root password.
it gives is error
Sorry, try again.
Sudo asks for
Are you trying to run sudo when logged in as root? sudo is only used by
non root users.
Robert Heller wrote:
At Fri, 23 Oct 2009 10:50:38 +0530 CentOS mailing list centos@centos.org
wrote:
Hi guys,
Thanks
What i am trying to achieve is; when executing
# sudo make install
Hello guys;
I am not able to use sudo command on my just installed centos5.3
But i know i am using right password to root.
Is this is by default not enabled; if so, what to do.
Regards,
Vijay Shanker Dubey
Ph: +91-9818311884
___
CentOS mailing list
vijay shanker wrote:
Hello guys;
I am not able to use sudo command on my just installed centos5.3
But i know i am using right password to root.
Is this is by default not enabled; if so, what to do.
You really need to configure /etc/sudoers, if you have not already.
-Alan
use your user password for sudo not root's password.
sudo su -
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
2009/10/22 Jay jaybeat...@gmail.com:
sudo su -
sudo -s is so much neater! :)
Ben
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Benjamin Donnachie wrote:
2009/10/22 Jay jaybeat...@gmail.com:
sudo su -
sudo -s is so much neater! :)
But it is yet another unnecessary special case to remember.
--
Les Mikesell
lesmikes...@gmail.com
___
CentOS mailing list
At Thu, 22 Oct 2009 14:00:27 -0400 CentOS mailing list centos@centos.org
wrote:
Hello guys;
I am not able to use sudo command on my just installed centos5.3
But i know i am using right password to root.
Is this is by default not enabled; if so, what to do.
You don't use root's
Hi guys,
Thanks
What i am trying to achieve is; when executing
# sudo make install
Password:*
this password entered is root password.
it gives is error
Sorry, try again.
but when i do a su - and then gave the same root password. I am able to
switch account to user.
---
Am am
vijay shanker wrote:
Hi guys,
Thanks
What i am trying to achieve is; when executing
# sudo make install
Password:*
this password entered is root password.
sudo expeccts your USER password, not the root password. the whole
idea is the admin doesn't ened to give out the root
Goood John,
But you please also clarify what does sudo means;
if it expects my own password then why not i can execute these command
without giving sudo as prefix.
If i am a genuine sudoer then can i edit files on which only root has
execution rights.
Regards,
Vijay Shanker Dubey
Ph:
Hi
Biz_User needs to switch to Sales_User, and I tried following in sudoers:
Biz_User ALL=(Sales_User) ALL
but I get following error when I run sudo su - Sales_User
Sorry, user Biz_User is not allowed to execute '/usr/bin/su - Sales_User'
as root on Server_Name
I know that if I add root in
[EMAIL PROTECTED] a écrit :
Hi
Biz_User needs to switch to Sales_User, and I tried following in
sudoers:
Biz_User ALL=(Sales_User) ALL
but I get following error when I run sudo su - Sales_User
Sorry, user Biz_User is not allowed to execute '/usr/bin/su -
Sales_User'
as root on
On Fri, Oct 10, 2008 at 12:49:49PM -0400, [EMAIL PROTECTED] wrote:
Hi
Biz_User needs to switch to Sales_User, and I tried following in sudoers:
Biz_User ALL=(Sales_User) ALL
but I get following error when I run sudo su - Sales_User
Sorry, user Biz_User is not allowed to execute
Centos wrote:
Hello
unfortunately other users can change to my user name with sudo,
how I can prevent it ? is there a command to prevent to change to only my
user name ?
DO NOT HIJACK THREADS ON A MAILING LIST. Post a fresh mail to
centos@centos.org, don't just blindly reply to some mail
Hello
unfortunately other users can change to my user name with sudo,
how I can prevent it ? is there a command to prevent to change to only my
user name ?
Thanks
___
CentOS mailing list
CentOS@centos.org
Hello
Any time I am running sudo, I should have full path to the command,
for example sudo /sbin/ifconfig
Is there any way to set the path for sudo ?
Thanks
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Modify your ~/.bash_profile and /sbin to your path, i.e.,
PATH=/sbin:/usr/sbin:$PATH:$HOME/bin
On 7/22/07, centos [EMAIL PROTECTED] wrote:
Hello
Any time I am running sudo, I should have full path to the command,
for example sudo /sbin/ifconfig
Is there any way to set the path for sudo ?
Sorry for my typo error - should have been:
Modify your ~./bash_profile and add /sbin to your PATH.
cheers!
On 7/22/07, Eduardo Dela Rosa [EMAIL PROTECTED] wrote:
Modify your ~/.bash_profile and /sbin to your path, i.e.,
PATH=/sbin:/usr/sbin:$PATH:$HOME/bin
On 7/22/07, centos [EMAIL
63 matches
Mail list logo