LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 04-21-2006, 08:07 PM   #1
Micro420
Senior Member
 
Registered: Aug 2003
Location: Berkeley, CA
Distribution: Mac OS X Leopard 10.6.2, Windows 2003 Server/Vista/7/XP/2000/NT/98, Ubuntux64, CentOS4.8/5.4
Posts: 2,986

Rep: Reputation: 45
Configuring SUDO for users, a.k.a. sudoers


Question: When I run the sudo command as a user (micro420), I am still asked for the ROOT password. How do I accept the user password?

I ran the 'visudo' command to add my name to the list of users that can run the sudo command.

Code:
#User privilege specification
root ALL=(ALL) ALL
micro420 ALL=(ALL) ALL
I also tried doing this and it did not work:

Code:
sudo -u micro420 cat /etc/shadow
 
Old 04-21-2006, 08:25 PM   #2
pljvaldez
Guru
 
Registered: Dec 2005
Location: Somewhere on the String
Distribution: Debian Squeeze (x86)
Posts: 6,092

Rep: Reputation: 269Reputation: 269Reputation: 269
I think when you run sudo that it is asking you for your user password (i.e. sudo nano will prompt you for a password, you should enter your user password).
 
Old 04-21-2006, 08:47 PM   #3
Micro420
Senior Member
 
Registered: Aug 2003
Location: Berkeley, CA
Distribution: Mac OS X Leopard 10.6.2, Windows 2003 Server/Vista/7/XP/2000/NT/98, Ubuntux64, CentOS4.8/5.4
Posts: 2,986

Original Poster
Rep: Reputation: 45
Quote:
Originally Posted by pljvaldez
I think when you run sudo that it is asking you for your user password (i.e. sudo nano will prompt you for a password, you should enter your user password).
That is my problem to my question. When I use the SUDO command as a USER, it prompts for a password. My user password does NOT work, BUT, if I input my root password, then it works. This defeats the purpose of using sudo.

So my question again: When I run the sudo command as a user (micro420), I am still asked for the ROOT password. How do I accept the user password?
 
Old 04-21-2006, 08:57 PM   #4
pljvaldez
Guru
 
Registered: Dec 2005
Location: Somewhere on the String
Distribution: Debian Squeeze (x86)
Posts: 6,092

Rep: Reputation: 269Reputation: 269Reputation: 269
From the ubuntu wiki:

Let sudo ask for the root password

You can make sudo ask for the root password instead of the user password, you can do this by adding the keyword rootpw to the line in /etc/sudoers that starts with Defaults.

So I guess use visudo as root and then find the line that starts with Defaults and remove the word rootpw... Hopefully this works on whatever distro you're running...
 
Old 04-21-2006, 09:25 PM   #5
Micro420
Senior Member
 
Registered: Aug 2003
Location: Berkeley, CA
Distribution: Mac OS X Leopard 10.6.2, Windows 2003 Server/Vista/7/XP/2000/NT/98, Ubuntux64, CentOS4.8/5.4
Posts: 2,986

Original Poster
Rep: Reputation: 45
Thanks for the reply, but currently my sudo configuration file looks like this:

Code:
#Defaults Specification
Defaults targetpw # ask for the password of the target user i.e. root
%users ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!

#User Privilege specification
root ALL=(ALL) ALL
micro420 ALL=(ALL) ALL
As you can see, there is no 'rootpw'.

I am using SuSE 10.

This is frustrating (damn you Linux!!!!). I'm not asking for anything complicated, but something rather practical. You would figure that something so simple like this would be well known in the Linux community ...

Lets say you're an administrator and you want to give your user certain special privileges. You wouldn't give them the root password, correct? You'd give them special 'sudo' privileges and make the user input his/her password, or some other password other than the root password.

Last edited by Micro420; 04-21-2006 at 09:27 PM.
 
Old 04-21-2006, 09:47 PM   #6
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,004
Blog Entries: 11

Rep: Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903
That means that for some reason only know to you
you must have the rootpw flag in the sudoers file.

The behaviour you're describing isn't sudo default,
and it's not ubuntu default, either.

[edit]
Mental note to self: if you have a thread open for
two hours refresh before you start answering
[/edit]


Cheers,
Tink

Last edited by Tinkster; 04-21-2006 at 09:50 PM. Reason: [edit]
 
Old 04-21-2006, 10:05 PM   #7
Micro420
Senior Member
 
Registered: Aug 2003
Location: Berkeley, CA
Distribution: Mac OS X Leopard 10.6.2, Windows 2003 Server/Vista/7/XP/2000/NT/98, Ubuntux64, CentOS4.8/5.4
Posts: 2,986

Original Poster
Rep: Reputation: 45
Perhaps you are correct, Tinkster.

I am using SuSE 10 and I will go post over there. Perhaps the other SuSE users will know.

If anyone has any other suggestions or ideas, please let me know.
 
Old 04-21-2006, 10:09 PM   #8
ataraxia
Member
 
Registered: Apr 2006
Location: Pittsburgh
Distribution: Debian Sid AMD64
Posts: 296

Rep: Reputation: 30
Quote:
Originally Posted by Micro420
Thanks for the reply, but currently my sudo configuration file looks like this:

Code:
#Defaults Specification
Defaults targetpw # ask for the password of the target user i.e. root
%users ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!

#User Privilege specification
root ALL=(ALL) ALL
micro420 ALL=(ALL) ALL
As you can see, there is no 'rootpw'.

I am using SuSE 10.

This is frustrating (damn you Linux!!!!). I'm not asking for anything complicated, but something rather practical. You would figure that something so simple like this would be well known in the Linux community ...

Lets say you're an administrator and you want to give your user certain special privileges. You wouldn't give them the root password, correct? You'd give them special 'sudo' privileges and make the user input his/her password, or some other password other than the root password.
Ah, this makes sense. "Defaults targetpw" is causing this weird behavior. You should remove everything above the blank line.
 
Old 04-21-2006, 10:26 PM   #9
Micro420
Senior Member
 
Registered: Aug 2003
Location: Berkeley, CA
Distribution: Mac OS X Leopard 10.6.2, Windows 2003 Server/Vista/7/XP/2000/NT/98, Ubuntux64, CentOS4.8/5.4
Posts: 2,986

Original Poster
Rep: Reputation: 45
It worked! Removing the targetpw worked! Thank you!!!!

Now to figure out who to give special users privileges ...
 
Old 04-21-2006, 10:28 PM   #10
ataraxia
Member
 
Registered: Apr 2006
Location: Pittsburgh
Distribution: Debian Sid AMD64
Posts: 296

Rep: Reputation: 30
Quote:
Originally Posted by Micro420
It worked! Removing the targetpw worked! Thank you!!!!

Now to figure out who to give special users privileges ...
Hopefully, you also removed this line:
Code:
%users ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!
Or else everyone can now sudo.
 
Old 04-22-2006, 12:12 AM   #11
Micro420
Senior Member
 
Registered: Aug 2003
Location: Berkeley, CA
Distribution: Mac OS X Leopard 10.6.2, Windows 2003 Server/Vista/7/XP/2000/NT/98, Ubuntux64, CentOS4.8/5.4
Posts: 2,986

Original Poster
Rep: Reputation: 45
Yes, I made sure I deleted the %users line.

Thanks for checking up
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to add new users in fedora core 4 and allow them to use sudo for some commands y2k6summi Linux - Security 1 03-29-2006 10:38 AM
accessing of directory using sudo users abhis_mail2002 Fedora 3 02-22-2006 04:34 AM
I deleted /etc/sudoers and creates a new file call sudoers but now it doesnt for visu abefroman Linux - Software 1 11-10-2005 06:03 PM
sudo and sudoers syntax mikemrh9 Linux - Security 7 06-04-2005 08:54 PM
Configuring Sudo Umashankar Linux - Security 1 10-03-2004 09:54 PM


All times are GMT -5. The time now is 08:38 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration