Re: ReInstall of System borked Admin Pwd for Apps
Stephen Allen wrote: Bob Proulx wrote: You already have a root user account. All Unix-like machines will have a root user superuser account. That is uid 0 on the machine by definition. All you need to know is the password for it. Hm OK I understand this if one is doing a conventional *ix install, but when installing using only a sudo account there is only one password asked for, that is the user password. So I don't quite understand how there could possibly be 2 passwords?? But all released versions of Debian always install both a root account and a normal user account. Hmm... You said you installed Wheezy Testing. How did you do this? The normal method of installing Testing/Unstable is to actually install Stable and then upgrade. That is probably what you should do in the future. Testing isn't done yet. If that is what you did then you have probably just tripped over one of the many issues that will need to be worked through before Testing can be released. If you jump on the daily builds for the debian-installer and then install Testing using the Testing installer then it is actually quite likely that you will find bugs in the installer. Those bits are undergoing development and won't be polished up until much later in the development cycle. Feel free to file bugs against the installer if you are participating in its testing. And if you are using it then you are participating in the testing whether you realized it or not. I recommend installing using the Stable installer, currently Squeeze, and then upgrade if you want to run Testing. That is a known reliable route. You say you have sudo access. If you have forgotten the root password then simply set a new one for it. Right but again only one password is asked for when setting up a new install to use SUDOERS. If you install Debian Stable Squeeze you will be asked for a root account and then a normal user account. Debian doesn't install sudo by default. But I think it is a good practice to always install sudo and configure it and so I always do that when setting up a system and encourage it for others too. But if you are just using Synaptic from the GUI menu then you don't need sudo. It is still a good idea though. I'm beginning to be more assured that this is a bug when doing an install with an existing home partition. I don't see how that is related. Doesn't mean that it isn't. I just don't see how it could be related. I think you used one of the development installers from testing and didn't realize that it is still under active development and isn't really ready for the world to use yet. I mean you can use it, obviously, but it isn't polished up yet and there are undoubtedly bugs in the new process to be worked out before the next release. The previous root password wouldn't have been stored encrypted on a regular user's home partition would it. No I don't think so, that wouldn't make much sense. No. Nothing like that is stored in your home directory. This is perhaps an opportune time for me to gently nudge that the command line really isn't that scary. Try it and you might like it. You can do anything you think you ned Synaptic for but probably faster and easier using APT commands directly from the command line. I use CLI mostly. I am after all using mutt ;) Only just recently started using Synaptic and found out to my chagrin that I actually like it. Oh no! You are going over to the dark side. That way leads to madness, even if they do have cookies. :-) Bob signature.asc Description: Digital signature
Re: ReInstall of System borked Admin Pwd for Apps
On Fri, Sep 9, 2011 at 1:53 PM, Bob Proulx b...@proulx.com wrote: But all released versions of Debian always install both a root account and a normal user account. ... If you install Debian Stable Squeeze you will be asked for a root account and then a normal user account. Debian doesn't install sudo by default. True by default but if you set an empty root password using the regular install or skip the creation of a root account using the expert install, sudo's set up. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAOdo=sw83bnfryxzyw_swo-pfel67krtedipy2_45p_k22s...@mail.gmail.com
Re: ReInstall of System borked Admin Pwd for Apps
Tom H wrote: Bob Proulx wrote: But all released versions of Debian always install both a root account and a normal user account. ... If you install Debian Stable Squeeze you will be asked for a root account and then a normal user account. Debian doesn't install sudo by default. True by default but if you set an empty root password using the regular install or skip the creation of a root account using the expert install, sudo's set up. What? Yes! You are right. And I was most definitely wrong about things. I owe Stephen Allen an apology. I have been blowing past the root account setup so many times that I haven't actually been reading it. And mostly I preseed it away anyway so I don't even see it. But I have seen it often enough that I should have caught up to the changes. I removed all preseeding and very carefully walked through the installation and yes it does say that if no root password is set up that it configures sudo. I did that, no root password, and yes it automatically installs sudo and configures it for the user. I started Synaptic from the GUI menu system and it spawned a slightly different dialog from the normal root, I could tell it was different, and asked for the user password for the gksudo. Typed in the user password and Synaptic was launched okay. Like Kyle, I learned something today. Now the question is how is this case configured for Synaptic? In this case the user is not installed in /etc/sudoers. But it does add the user to the 'sudo' group. And in the default /etc/sudoers file it includes this line: # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL So that explains how users are set up to use sudo in that installation case. However I haven't looked to see what configures Synaptic to use one method or the other for authorizing the user. I will research that and report what I learn. It would be good to know about it. But no time at the moment. Maybe not until next Monday since I will be away from the keyboard all weekend. Bob signature.asc Description: Digital signature
Re: ReInstall of System borked Admin Pwd for Apps
Bob Proulx wrote: So that explains how users are set up to use sudo in that installation case. However I haven't looked to see what configures Synaptic to use one method or the other for authorizing the user. I will research that and report what I learn. It would be good to know about it. But no time at the moment. Maybe not until next Monday since I will be away from the keyboard all weekend. The installer runs: update-alternatives --set libgksu-gconf-defaults /usr/share/libgksu/debian/gconf-defaults.libgksu-sudo update-gconf-defaults -- see shy jo signature.asc Description: Digital signature
Re: ReInstall of System borked Admin Pwd for Apps
On Fri, Sep 09, 2011 at 11:53:14AM -0600, Bob Proulx wrote: Stephen Allen wrote: Bob Proulx wrote: You already have a root user account. All Unix-like machines will have a root user superuser account. That is uid 0 on the machine by definition. All you need to know is the password for it. Hm OK I understand this if one is doing a conventional *ix install, but when installing using only a sudo account there is only one password asked for, that is the user password. So I don't quite understand how there could possibly be 2 passwords?? But all released versions of Debian always install both a root account and a normal user account. Not if you choose to install sudo at that time. Hmm... You said you installed Wheezy Testing. How did you do this? The normal method of installing Testing/Unstable is to actually install Stable and then upgrade. That is probably what you should do in the future. Testing isn't done yet. If that is what you did then you have probably just tripped over one of the many issues that will need to be worked through before Testing can be released. I do many installs over the course of a year. This was done via the Wheezy Debian Installer. If you jump on the daily builds for the debian-installer and then install Testing using the Testing installer then it is actually quite likely that you will find bugs in the installer. Those bits are undergoing development and won't be polished up until much later in the development cycle. Feel free to file bugs against the installer if you are participating in its testing. And if you are using it then you are participating in the testing whether you realized it or not. I recommend installing using the Stable installer, currently Squeeze, and then upgrade if you want to run Testing. That is a known reliable route. You say you have sudo access. If you have forgotten the root password then simply set a new one for it. When using sudo the root password is the user password. Right but again only one password is asked for when setting up a new install to use SUDOERS. If you install Debian Stable Squeeze you will be asked for a root account and then a normal user account. Debian doesn't install sudo by default. But I think it is a good practice to always install sudo and configure it and so I always do that when setting up a system and encourage it for others too. But if you are just using Synaptic from the GUI menu then you don't need sudo. It is still a good idea though. I'm beginning to be more assured that this is a bug when doing an install with an existing home partition. I don't see how that is related. Doesn't mean that it isn't. I just don't see how it could be related. If one installs the sudo feature on a virgin install isn't the gksu information stored in the users directory? Not sure myself. Cheers -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110910004417.ga10...@thinkpad.gateway.2wire.net
Re: ReInstall of System borked Admin Pwd for Apps
On Wed, Sep 07, 2011 at 08:32:47PM -0600, Bob Proulx wrote: Stephen Allen wrote: So I guess perhaps the way forward is to add a root user, install su and remove sudoers? You already have a root user account. All Unix-like machines will have a root user superuser account. That is uid 0 on the machine by definition. All you need to know is the password for it. Hm OK I understand this if one is doing a conventional *ix install, but when installing using only a sudo account there is only one password asked for, that is the user password. So I don't quite understand how there could possibly be 2 passwords?? You say you have sudo access. If you have forgotten the root password then simply set a new one for it. Right but again only one password is asked for when setting up a new install to use SUDOERS. I'm beginning to be more assured that this is a bug when doing an install with an existing home partition. The previous root password wouldn't have been stored encrypted on a regular user's home partition would it. No I don't think so, that wouldn't make much sense. $ sudo passwd root Once you set the new password, so that you know it, then you will be able to enter it when gksu asks it for Synaptic. That should get you going. This is perhaps an opportune time for me to gently nudge that the command line really isn't that scary. Try it and you might like it. You can do anything you think you ned Synaptic for but probably faster and easier using APT commands directly from the command line. I use CLI mostly. I am after all using mutt ;) Only just recently started using Synaptic and found out to my chagrin that I actually like it. Cheers. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110909034232.ga2...@thinkpad.gateway.2wire.net
Re: ReInstall of System borked Admin Pwd for Apps
On Mon, Sep 05, 2011 at 11:00:29PM -0600, Bob Proulx wrote: Stephen Allen wrote: Just to follow-up to my previous email, Bob's suggestion didn't work either. That stanza was already entered. Are you running Synaptic through sudo? Or is it asking you for the password itself? I never run Synaptic. But I use sudo a lot. It works fine using sudo from CLI that's no problem. The only issue is when run from the menu; the password prompt is from gksu? That's where the issue arises, not just with synaptic but with any app that requires admin privs. Synaptic was just an example. What is the output of sudo -l? $ sudo -l Matching Defaults entries for rwp on this host: env_reset, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin, env_keep+=HOME, env_keep+=MAIL, !lecture, !fqdn User rwp may run the following commands on this host: (ALL) ALL Matching Defaults entries for sda on this host: env_reset, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin mine: User 'xxx' may run the following commands on this host: (ALL : ALL) ALL (ALL : ALL) ALL What output do you get when you run sudo id? $ sudo id uid=0(root) gid=0(root) groups=0(root) mine: uid=0(root) gid=0(root) groups=0(root) --- Since you came into the thread midstream I'll reiterate that this was all working before I re-installed Debian. My hardrive has 2 partitions; root and home. So the re-install was on root only leaving home untouched. Then this problem arose. When I re-installed I used the same username and installed sudo rather than a separate root account. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110907120404.ga25...@thinkpad.gateway.2wire.net
Re: ReInstall of System borked Admin Pwd for Apps
Stephen Allen wrote: Bob Proulx wrote: Are you running Synaptic through sudo? Or is it asking you for the password itself? I never run Synaptic. But I use sudo a lot. It works fine using sudo from CLI that's no problem. The only issue is when run from the menu; the password prompt is from gksu? That's where the issue arises, not just with synaptic but with any app that requires admin privs. Synaptic was just an example. Sorry. I was focusing on the sudo side of things since I was just working in that area and saw the sudo part of the thread. The gksu is an su utility and needs the root password. For sudo you would need to use gksudo instead. I don't use either of those and so know little about them. But running Synaptic from the GNOME menu calls gksu and therefore needs root's password. Since you came into the thread midstream I'll reiterate that this was all working before I re-installed Debian. My hardrive has 2 partitions; root and home. So the re-install was on root only leaving home untouched. Then this problem arose. When I re-installed I used the same username and installed sudo rather than a separate root account. I don't think the re part matters. At this point it is simply an install. And the discussion of sudo was just a red herring distracting from the real problem. I think the real problem is that if you are running Synaptic from a GUI menu pick (from GNOME by default, but I don't see where you said) then it is running gksu and gksu requires the root password. I installed a scratch system just now and tested running Synaptic from the default GNOME installation. It definitely wants root's password and not a sudo password. Bob signature.asc Description: Digital signature
Re: ReInstall of System borked Admin Pwd for Apps
On Wed, Sep 07, 2011 at 12:48:26PM -0600, Bob Proulx wrote: I don't think the re part matters. At this point it is simply an install. And the discussion of sudo was just a red herring distracting from the real problem. I think the real problem is that if you are running Synaptic from a GUI menu pick (from GNOME by default, but I don't see where you said) then it is running gksu and gksu requires the root password. I didn't mention it specifically but it was the other guy who brought up sudo being the issue. I had my doubts but humored his requests. I know just enough to be dangerous. ;) I installed a scratch system just now and tested running Synaptic from the default GNOME installation. It definitely wants root's password and not a sudo password. Right that has got to be the difference. Appreciate the fact that you did an install to test this! So I guess perhaps the way forward is to add a root user, install su and remove sudoers? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110908020942.ga2...@thinkpad.gateway.2wire.net
Re: ReInstall of System borked Admin Pwd for Apps
Stephen Allen wrote: Bob Proulx wrote: I installed a scratch system just now and tested running Synaptic from the default GNOME installation. It definitely wants root's password and not a sudo password. Right that has got to be the difference. Appreciate the fact that you did an install to test this! I have been preparing a PXE network boot installation for a big deployment that I need to be doing soon. So I actually have been doing repeated installations all day today. :-) So I guess perhaps the way forward is to add a root user, install su and remove sudoers? You already have a root user account. All Unix-like machines will have a root user superuser account. That is uid 0 on the machine by definition. All you need to know is the password for it. You say you have sudo access. If you have forgotten the root password then simply set a new one for it. $ sudo passwd root Once you set the new password, so that you know it, then you will be able to enter it when gksu asks it for Synaptic. That should get you going. This is perhaps an opportune time for me to gently nudge that the command line really isn't that scary. Try it and you might like it. You can do anything you think you ned Synaptic for but probably faster and easier using APT commands directly from the command line. $ apt-cache search whatever $ sudo apt-get install whatever Tastes great and is less filling! Works even when your X window environment isn't available. But I know that other people haven't been able to convert me to preferring to use a mouse and GUI after all of these years and so I won't try to convince anyone else of the reverse either. Beyond mentioning it here and now. (^_^) Bob signature.asc Description: Digital signature
Re: ReInstall of System borked Admin Pwd for Apps
On Sun, Sep 04, 2011 at 10:32:03PM -0600, Bob Proulx wrote: darkestkhan wrote: Stephen Allen wrote: Unfortuantely the suggested fix didn't work. Just recently a new sudo entered Wheezy Testing and it changed the behavior of secure_path. See Bug#639841 for details. But it means that you need to add this line too: Defaults secure_path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin In addition to the other line: username ALL=(ALL:ALL) ALL It has to be noted that things worked well without merging changes in /etc/sudoers as long as programs were run by me - if program run by me with root privileges was running different program then I got errors that it can't find things in /sbin (and thus I knew that I have to look at changes in /etc/sudoers) Your PATH problem in Wheezy/Sid is the same thing. See Bug#639841. Add the secure_path line above and it will work for you again. Bob ---end quoted text--- Cool, thanks Bob. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110906015240.ga31...@thinkpad.gateway.2wire.net
Re: ReInstall of System borked Admin Pwd for Apps
Just to follow-up to my previous email, Bob's suggestion didn't work either. That stanza was already entered. Thanks. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110906044858.ga1...@thinkpad.gateway.2wire.net
Re: ReInstall of System borked Admin Pwd for Apps
Stephen Allen wrote: Just to follow-up to my previous email, Bob's suggestion didn't work either. That stanza was already entered. Are you running Synaptic through sudo? Or is it asking you for the password itself? I never run Synaptic. But I use sudo a lot. What is the output of sudo -l? $ sudo -l Matching Defaults entries for rwp on this host: env_reset, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin, env_keep+=HOME, env_keep+=MAIL, !lecture, !fqdn User rwp may run the following commands on this host: (ALL) ALL What output do you get when you run sudo id? $ sudo id uid=0(root) gid=0(root) groups=0(root) Bob signature.asc Description: Digital signature
Re: ReInstall of System borked Admin Pwd for Apps
On Sat, 3 Sep 2011 19:48:33 -0400 Stephen Allen marathon.duran...@gmail.com wrote: On Sat, Sep 03, 2011 at 11:32:00AM +, darkestkhan wrote: 2011/9/3 Stephen Allen marathon.duran...@gmail.com: It contains just 2 fields; # User privilege specification root ALL=(ALL:ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL /etc/sudoers contains informations about who has rights to access root level privileges (though I know it can do much more, like giving only limited privileges) at the bottom of /etc/sudoers you should have this line: username ALL=(ALL) ALL where username is the name of user that will have root level privileges, so in my case it is like this: darkestkhan ALL=(ALL) ALL You will probably have to run in maintenance (or rescue, forgot how it was called) mode, after that (or reboot) everything should work ---end quoted text--- Cool. Thanks for the help. Strange why that line isn't there aye? Sudo in sid has just been updated to a version with a different sudoers file format. Those who opted for a new configuration file got the empty one quoted above, those who opted to keep theirs kept their own additions to the old one. The latter also ended up with a sudo which couldn't see sbin and the lower level sbins, which then stopped further updates from working under sudo... possibly a changelog would have been in order? The clean new sudoers was also provided (as the .dpkg-dist file), so it wasn't too hard to combine the two (clue: the Defaults secure_path configuration is necessary to restore the path to include the sbins). -- Joe -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110904090338.1c62b...@jretrading.com
Re: ReInstall of System borked Admin Pwd for Apps
2011/9/3 Stephen Allen marathon.duran...@gmail.com: On Sat, Sep 03, 2011 at 11:32:00AM +, darkestkhan wrote: 2011/9/3 Stephen Allen marathon.duran...@gmail.com: It contains just 2 fields; # User privilege specification root ALL=(ALL:ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL /etc/sudoers contains informations about who has rights to access root level privileges (though I know it can do much more, like giving only limited privileges) at the bottom of /etc/sudoers you should have this line: username ALL=(ALL) ALL where username is the name of user that will have root level privileges, so in my case it is like this: darkestkhan ALL=(ALL) ALL You will probably have to run in maintenance (or rescue, forgot how it was called) mode, after that (or reboot) everything should work ---end quoted text--- Cool. Thanks for the help. Strange why that line isn't there aye? Well, probably because maintainers can't be sure about which user should have root level privileges, so it has actualized file without asking question whether it should do so (this one is because of synaptic, can't blame it - most (nontechnical) users won't notice those changes, and in most cases system doesn't brake). As I'm updating from command line I got information about changes in /etc/sudoers but I decided to handle this manually as tool for merging changes in config files is not too helpful (but it could be, arch and gentoo are doing much better in this aspect) darkestkhan -- Feel free to CC me. jid: darkestk...@gmail.com May The Source be with You. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CACRpbMh+e6yxwab=BHNMLB2mUwQ9xTwn=wo_c+zcf7egowm...@mail.gmail.com
Re: ReInstall of System borked Admin Pwd for Apps
On Sun, Sep 04, 2011 at 09:03:38AM +0100, Joe wrote: On Sat, 3 Sep 2011 19:48:33 -0400 Stephen Allen marathon.duran...@gmail.com wrote: Cool. Thanks for the help. Strange why that line isn't there aye? Sudo in sid has just been updated to a version with a different sudoers file format. Those who opted for a new configuration file got the empty one quoted above, those who opted to keep theirs kept their own additions to the old one. The latter also ended up with a sudo which couldn't see sbin and the lower level sbins, which then stopped further updates from working under sudo... possibly a changelog would have been in order? The clean new sudoers was also provided (as the .dpkg-dist file), so it wasn't too hard to combine the two (clue: the Defaults secure_path configuration is necessary to restore the path to include the sbins). -- Joe --end quoted text-- Thanks for the explanation. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110904120624.ga1...@thinkpad.gateway.2wire.net
Re: ReInstall of System borked Admin Pwd for Apps
On Sun, Sep 04, 2011 at 08:04:20AM +, darkestkhan wrote: 2011/9/3 Stephen Allen marathon.duran...@gmail.com: On Sat, Sep 03, 2011 at 11:32:00AM +, darkestkhan wrote: /etc/sudoers contains informations about who has rights to access root level privileges (though I know it can do much more, like giving only limited privileges) at the bottom of /etc/sudoers you should have this line: username ALL=(ALL) ALL where username is the name of user that will have root level privileges, so in my case it is like this: darkestkhan ALL=(ALL) ALL You will probably have to run in maintenance (or rescue, forgot how it was called) mode, after that (or reboot) everything should work ---end quoted text--- Cool. Thanks for the help. Strange why that line isn't there aye? Well, probably because maintainers can't be sure about which user should have root level privileges, so it has actualized file without asking question whether it should do so (this one is because of synaptic, can't blame it - most (nontechnical) users won't notice those changes, and in most cases system doesn't brake). As I'm updating from command line I got information about changes in /etc/sudoers but I decided to handle this manually as tool for merging changes in config files is not too helpful (but it could be, arch and gentoo are doing much better in this aspect) darkestkhan -- Feel free to CC me. jid: darkestk...@gmail.com May The Source be with You. ---end quoted text--- Unfortuantely the suggested fix didn't work. Must have something to do with PAM? Doesn't PAM interact with the Keychain and maybe SUDOERS to authorize a user wanting to run for example, Synaptic? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110904121033.gb1...@thinkpad.gateway.2wire.net
Re: ReInstall of System borked Admin Pwd for Apps
2011/9/4 Stephen Allen marathon.duran...@gmail.com: On Sun, Sep 04, 2011 at 08:04:20AM +, darkestkhan wrote: 2011/9/3 Stephen Allen marathon.duran...@gmail.com: On Sat, Sep 03, 2011 at 11:32:00AM +, darkestkhan wrote: /etc/sudoers contains informations about who has rights to access root level privileges (though I know it can do much more, like giving only limited privileges) at the bottom of /etc/sudoers you should have this line: username ALL=(ALL) ALL where username is the name of user that will have root level privileges, so in my case it is like this: darkestkhan ALL=(ALL) ALL You will probably have to run in maintenance (or rescue, forgot how it was called) mode, after that (or reboot) everything should work ---end quoted text--- Cool. Thanks for the help. Strange why that line isn't there aye? Well, probably because maintainers can't be sure about which user should have root level privileges, so it has actualized file without asking question whether it should do so (this one is because of synaptic, can't blame it - most (nontechnical) users won't notice those changes, and in most cases system doesn't brake). As I'm updating from command line I got information about changes in /etc/sudoers but I decided to handle this manually as tool for merging changes in config files is not too helpful (but it could be, arch and gentoo are doing much better in this aspect) Unfortuantely the suggested fix didn't work. Must have something to do with PAM? Doesn't PAM interact with the Keychain and maybe SUDOERS to authorize a user wanting to run for example, Synaptic? It should work... (there is space after right parenthesis (and it may be that you it should be username ALL=(ALL:ALL) ALL but if it still doesn't work then I can't be of much help - it works for me, though, admittedly I don't use PAM so it may be that it does work until I will have to use something with PAM (or other similar solution). PS: It has to be noted that things worked well without merging changes in /etc/sudoers as long as programs were run by me - if program run by me with root privileges was running different program then I got errors that it can't find things in /sbin (and thus I knew that I have to look at changes in /etc/sudoers) darkestkhan -- Feel free to CC me. jid: darkestk...@gmail.com May The Source be with You. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/cacrpbmgh3makmv8kespgmf6tgapafux86lzmehn+wv6mwya...@mail.gmail.com
Re: ReInstall of System borked Admin Pwd for Apps
darkestkhan wrote: Stephen Allen wrote: Unfortuantely the suggested fix didn't work. Just recently a new sudo entered Wheezy Testing and it changed the behavior of secure_path. See Bug#639841 for details. But it means that you need to add this line too: Defaults secure_path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin In addition to the other line: username ALL=(ALL:ALL) ALL It has to be noted that things worked well without merging changes in /etc/sudoers as long as programs were run by me - if program run by me with root privileges was running different program then I got errors that it can't find things in /sbin (and thus I knew that I have to look at changes in /etc/sudoers) Your PATH problem in Wheezy/Sid is the same thing. See Bug#639841. Add the secure_path line above and it will work for you again. Bob signature.asc Description: Digital signature
Re: ReInstall of System borked Admin Pwd for Apps
On Fri, Sep 02, 2011 at 05:32:03AM +, darkestkhan wrote: 2011/9/1 Stephen Allen marathon.duran...@gmail.com: Hello. What do I have to do to fix this? check out /etc/sudoers if it contains all fields ---end quoted text--- It contains just 2 fields; # User privilege specification rootALL=(ALL:ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL It is sudoers that controls GUI access to applications requiring root access? Thought the keyring +had something to do with that? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110903062555.gb18...@thinkpad.gateway.2wire.net
Re: ReInstall of System borked Admin Pwd for Apps
2011/9/3 Stephen Allen marathon.duran...@gmail.com: On Fri, Sep 02, 2011 at 05:32:03AM +, darkestkhan wrote: 2011/9/1 Stephen Allen marathon.duran...@gmail.com: Hello. What do I have to do to fix this? check out /etc/sudoers if it contains all fields ---end quoted text--- It contains just 2 fields; # User privilege specification root ALL=(ALL:ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL It is sudoers that controls GUI access to applications requiring root access? Thought the keyring +had something to do with that? /etc/sudoers contains informations about who has rights to access root level privileges (though I know it can do much more, like giving only limited privileges) at the bottom of /etc/sudoers you should have this line: username ALL=(ALL) ALL where username is the name of user that will have root level privileges, so in my case it is like this: darkestkhan ALL=(ALL) ALL You will probably have to run in maintenance (or rescue, forgot how it was called) mode, after that (or reboot) everything should work darkestkhan -- Feel free to CC me. jid: darkestk...@gmail.com May The Source be with You. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CACRpbMhjGQcnqje78xhRuTokb=0udkso95f1z4s-z2m2uq9...@mail.gmail.com
Re: ReInstall of System borked Admin Pwd for Apps
On Sat, Sep 03, 2011 at 11:32:00AM +, darkestkhan wrote: 2011/9/3 Stephen Allen marathon.duran...@gmail.com: It contains just 2 fields; # User privilege specification root ALL=(ALL:ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL /etc/sudoers contains informations about who has rights to access root level privileges (though I know it can do much more, like giving only limited privileges) at the bottom of /etc/sudoers you should have this line: username ALL=(ALL) ALL where username is the name of user that will have root level privileges, so in my case it is like this: darkestkhan ALL=(ALL) ALL You will probably have to run in maintenance (or rescue, forgot how it was called) mode, after that (or reboot) everything should work ---end quoted text--- Cool. Thanks for the help. Strange why that line isn't there aye? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110903234833.ga11...@thinkpad.gateway.2wire.net
ReInstall of System borked Admin Pwd for Apps
Hello. For various reasons, needed to reinstall Debian Testing (Wheezy) on a flash drive formatted into 2 partitions. A system partition and one for HOME. Since the install I'm no longer able to use Synaptic with my password (I enabled sudo in the Installer). I used the exact User name and Password as before during the reinstall. It all works if I start Synaptic from the command-line using sudo. The same applies btw to all applications requiring the password for privileges. Don't think I've left out any details ... What do I have to do to fix this? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110901201610.ga8...@thinkpad.gateway.2wire.net
Re: ReInstall of System borked Admin Pwd for Apps
2011/9/1 Stephen Allen marathon.duran...@gmail.com: Hello. For various reasons, needed to reinstall Debian Testing (Wheezy) on a flash drive formatted into 2 partitions. A system partition and one for HOME. Since the install I'm no longer able to use Synaptic with my password (I enabled sudo in the Installer). I used the exact User name and Password as before during the reinstall. It all works if I start Synaptic from the command-line using sudo. The same applies btw to all applications requiring the password for privileges. Don't think I've left out any details ... What do I have to do to fix this? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110901201610.ga8...@thinkpad.gateway.2wire.net check out /etc/sudoers if it contains all fields darkestkhan -- Feel free to CC me. jid: darkestk...@gmail.com May The Source be with You. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CACRpbMhFQ7jCqTSC7+O8DvADoxFFyDvYN=u+7nxn1w70kt4...@mail.gmail.com