LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Desktop
User Name
Password
Linux - Desktop This forum is for the discussion of all Linux Software used in a desktop context.

Notices

Reply
 
Search this Thread
Old 10-03-2008, 05:16 AM   #1
usrb
LQ Newbie
 
Registered: Oct 2008
Posts: 7

Rep: Reputation: 0
sudo problem


Hi all

I am trying to execute following command as user asterisk, as I want to change password of user itudja:

sudo -u itudja passwd

Now, he asks me for password of user asterisk before executing passwd command.
Can I avoid that and how in sudoers file?

Thanx
 
Old 10-03-2008, 05:50 AM   #2
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
Who is "he"? You can run passwd as root instead of as itudja. Use "sudo passwd itudja" to change itudja's password. You can configure sudo to use your own password instead of root's. Some distro's are configured that way by default.
 
Old 10-03-2008, 05:51 AM   #3
sanjee
Member
 
Registered: Jul 2008
Posts: 129

Rep: Reputation: 15
you can try with a user who has blank password ,,,means create a user with blank password and then try . I m not fully sure , but can try.

Last edited by sanjee; 10-03-2008 at 05:54 AM.
 
Old 10-03-2008, 08:40 AM   #4
usrb
LQ Newbie
 
Registered: Oct 2008
Posts: 7

Original Poster
Rep: Reputation: 0
He is linux :-)

If I use sudo passwd itudja, then it will prompt for asterisk's password so he can execute sudo command. Can I avoid entering password?

If user has blank password, anyway, he will be prompted to enter his password, even though he doesn't have any...
 
Old 10-03-2008, 10:25 AM   #5
Total-MAdMaN
Member
 
Registered: May 2008
Distribution: Gentoo
Posts: 306

Rep: Reputation: 34
sudo is used to execute a program as the root user. You need to enter the password to show that you're authorised to run as root. If you didn't have to enter the password anyone could use sudo to do anything on the system and destroy the OS.
 
Old 10-03-2008, 11:46 AM   #6
usrb
LQ Newbie
 
Registered: Oct 2008
Posts: 7

Original Poster
Rep: Reputation: 0
But I can see from man sudo pages that sudo can execute any command as another user:

sudo, sudoedit - execute a command as another user

I'm pretty certain that there must be a solution for this.
 
Old 10-04-2008, 01:58 AM   #7
usrb
LQ Newbie
 
Registered: Oct 2008
Posts: 7

Original Poster
Rep: Reputation: 0
Ok, I solved it!
The syntax would go like this:

asterisk ALL = (itudja) NOPASSWD: /usr/bin/passwd

which gives me the freedom to change password for itudja (or any group defined in brackets) without authenticate myself.

Thx and rgrds.
 
Old 10-06-2008, 03:15 PM   #8
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
It allows itudja to run as root without a password. Why do you want to do that. It's dangerous. What's wrong with entering your own password or root's (depending on how sudo is configured) to change itudja's password. It's a one time deal. Why introduce a huge security risk just. You had to enter the root password to run "visdo" anyway.
 
Old 10-07-2008, 10:43 AM   #9
usrb
LQ Newbie
 
Registered: Oct 2008
Posts: 7

Original Poster
Rep: Reputation: 0
I am writing a php script to change password through web interface...
 
Old 10-13-2008, 07:00 AM   #10
harry2006
Member
 
Registered: Aug 2006
Location: /hawaii/honolulu/downtown
Distribution: Fedora 10[Cambridge] and Ubuntu 9.04[Jaunty]
Posts: 201

Rep: Reputation: 30
Quote:
Originally Posted by usrb View Post
Ok, I solved it!
The syntax would go like this:

asterisk ALL = (itudja) NOPASSWD: /usr/bin/passwd

which gives me the freedom to change password for itudja (or any group defined in brackets) without authenticate myself.

Thx and rgrds.
it defeats the basic purpose of putting multi-level of security in linux and should be avoided. thanks.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: The Ultimate Sudo FAQ To Sudo Or Not To Sudo? LXer Syndicated Linux News 13 04-13-2013 01:36 AM
Slackware 12.0: boot problem & sudo / wifi-radar problem War_Ensemble Slackware 7 01-15-2008 09:49 AM
Restricting Editing in Sudo (Advanced Sudo Question) LinuxGeek Linux - Software 4 11-04-2006 03:20 PM
sudo problem humbletech99 Linux - Security 6 02-09-2006 11:01 AM
Sudo Problem shooters Linux - General 2 12-14-2005 10:12 PM


All times are GMT -5. The time now is 05:35 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration