Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi all, Ive been messing around with a sample sudoers file in place of the default one, and it just wont do anything i want it too, im obviously misunderstanding how to get it to do what i want. Can someone please tell me how to get one of the commands to work for "sauron" on machine alias "LAPPY", then i should be able to go from there. Here is the sudoers file, (im very sorry its messy) i commented out alot of it (instead of deleting) to try to remind me how it works but not getting anywhere mount and umount seem to work, but shutdown wont.
Code:
#
# Sample /etc/sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#
##
# User alias specification
##
#User_Alias FULLTIMERS = millert, mikef, dowdy
#User_Alias PARTTIMERS = bostley, jwfox, crawl
#User_Alias WEBMASTERS = will, wendy, wim
#User_Alias ADMIN1 = sauron
##
# Runas alias specification
##
#Runas_Alias OP = root, operator
#Runas_Alias DB = oracle, sybase
##
# Host alias specification
##
#
#Host_Alias CUNETS = 128.138.0.0/255.255.0.0
#Host_Alias CSNETS = 128.138.243.0, 128.138.204.0/24, 128.138.242.0
#Host_Alias SERVERS = master, mail, www, ns
#Host_Alias CDROM = orion, perseus, hercules
Host_Alias LAPPY = 192.168.0.179/255.255.255.0
##
# Cmnd alias specification
##
#Cmnd_Alias DUMPS = /usr/sbin/dump, /usr/sbin/rdump, /usr/sbin/restore, \
Cmnd_Alias KILL = /usr/bin/kill
#Cmnd_Alias PRINTING = /usr/sbin/lpc, /usr/bin/lprm
Cmnd_Alias SHUTDOWN = /usr/sbin/shutdown
#Cmnd_Alias HALT = /usr/sbin/halt, /usr/sbin/fasthalt
Cmnd_Alias REBOOT = /usr/sbin/reboot, /usr/sbin/fastboot
#Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \
#Cmnd_Alias SU = /usr/bin/su
#Cmnd_Alias VIPW = /usr/sbin/vipw, /usr/bin/passwd, /usr/bin/chsh, \
##
# Override built-in defaults
##
#Defaults syslog=auth
#Defaults:FULLTIMERS !lecture
#Defaults:millert !authenticate
#Defaults@SERVERS log_year, logfile=/var/log/sudo.log
##
# User specification
##
# root and users in group wheel can run anything on any machine as any user
root ALL = (ALL) ALL
%wheel ALL = (ALL) ALL
# full time sysadmins can run anything on any machine without a password
#FULLTIMERS ALL = NOPASSWD: ALL
# part time sysadmins may run anything but need a password
#PARTTIMERS ALL = ALL
# jack may run anything on machines in CSNETS
#jack CSNETS = ALL
# lisa may run any command on any host in CUNETS (a class B network)
#lisa CUNETS = ALL
# operator may run maintenance commands and anything in /usr/oper/bin/
#operator ALL = DUMPS, KILL, PRINTING, SHUTDOWN, HALT, REBOOT,\
# joe may su only to operator
#joe ALL = /usr/bin/su operator
# pete may change passwords for anyone but root on the hp snakes
#pete HPPA = /usr/bin/passwd [A-z]*, !/usr/bin/passwd root
# bob may run anything on the sparc and sgi machines as any user
# listed in the Runas_Alias "OP" (ie: root and operator)
#bob SPARC = (OP) ALL : SGI = (OP) ALL
# jim may run anything on machines in the biglab netgroup
#jim +biglab = ALL
# users in the secretaries netgroup need to help manage the printers
# as well as add and remove users
#+secretaries ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser
#sauron can run REBOOT and SHUTDOWN
sauron LAPPY = KILL, SHUTDOWN, REBOOT
# fred can run commands as oracle or sybase without a password
#fred ALL = (DB) NOPASSWD: ALL
# on the alphas, john may su to anyone but root and flags are not allowed
#john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root*
# jen can run anything on all machines except the ones
# in the "SERVERS" Host_Alias
#jen ALL, !SERVERS = ALL
# jill can run any commands in the directory /usr/bin/, except for
# those in the SU and SHELLS aliases.
#jill SERVERS = /usr/bin/, !SU, !SHELLS
# steve can run any command in the directory /usr/local/op_commands/
# as user operator.
#steve CSNETS = (operator) /usr/local/op_commands/
# matt needs to be able to kill things on his workstation when
# they get hung.
#matt valkyrie = KILL
# users in the WEBMASTERS User_Alias (will, wendy, and wim)
# may run any command as user www (which owns the web pages)
# or simply su to www.
#WEBMASTERS www = (www) ALL, (root) /usr/bin/su www
# anyone can mount/unmount a cd-rom on the machine under the LAPPY alias
ALL LAPPY = NOPASSWD: /sbin/umount /LAPPY,\
/sbin/mount -o nosuid\,nodev /dev/cd0a /LAPPY
It's good you posted your unabbreviated sudoers file (with all the examples the man page gives, next time please cut out those comment lines). Please check the actual errors users get and the syslog error lines. If unsure post actual errors. Otherwise we'll have to syntax check your whole sudoers file (like the shutdown command not allowing any arguments) and I'd rather see you do most of the work.
Thank you for the reply.
The one that is confusing me is that the way i see it, the user "sauron" should be able to use shutdown on the machine LAPPY, which i named by its IP 192.168.0.179/255.255.255.0 on the LAN. But when i try shutdown (even with no arguements) it says
Code:
shutdown: you must be root to do that!
Any ideas why sauron can't use the shutdown command? I must have done something wrong.
How are you assuing the command? If user sauron is just issuing the command shutdown that is the correct way the machine should handle it. Sauron would need to issue the command sudo SHUTDOWN.
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.
Password:
I put the password in and then i get
Code:
sauron is not allowed to run sudo on PointBlank. This incident will be reported.
When trying "sudo SHUTDOWN" i get the same error as above.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.