LinuxQuestions.org


selfprogrammed 06-16-2014 01:05 PM

SUDO user not in sudoers
 
I have edited with visudo, to try to make sudo somewhat useful.
I have already searched the internet and LinuxQuestions for explanations but have more confusion. Other users report the same problem, without solutions. There are many responses, none of which put a finger on the problem. The suggestions vary in usefulness.

I have explored the man sudoers page and have copied almost literally from it.
This is Slackware, running Linux 2.6. It is not very helpful if all you got is to point out that you have the means to run some more recent kernel. I get too many of that type of response.

Have edited everything with visudo and have not got any errors, and root can sudo.

Have several lines that should allow some users to sudo, but sudo will not accept anyone except root.
Everyone else is "not in sudoers", I tried my new manageruser and my personal account.
Even "sudo -l" does not work (except for root).
This is in spite of specifying.
Defaults listpw=never

I already know that some of this is redundant, but
nothing seems to work in getting any user recognition.

Cmd_Alias SHUTDOWN= /sbin/shutdown /usr/sbin/halt /sbin/reboot
I did check with whereis on all the alias commands for the right directory.

There are several group privs.
%users localhost= (ALL) SHUTDOWN
%users localhost= (ALL) /sbin/halt
%power localhost= (ALL) SHUTDOWN
It seems that there is also a wheel group and a sudo group that are used for nearly the same thing, to have sudo group privs.
But I get nasty messages from sudo if I try to halt from manageruser (who is also in power group).
>> sudo halt

There are specific lines (like in the man sudo page).
manageruser localhost= (ALL) DUMPS SHUTDOWN PRINTING

Even tried:
manageruser ALL= (ALL) ALL

I managed to change my log file and that worked.
Defaults logfile=/var/log/sudo
I get a log message every time any user (other than root) tries to do "sudo -l". It has no other errors in the log.

Also some other things are not recognized. No actual errors, but "sudo -V" indicates it is still using defaults.
Defaults runas_default=manageruser
Defaults mailto="manageruser"
Defaults !mail_no_user

But root running sudo -V still reports (from memory):
Runas default is : root
When user is not in sudoers send mail to : root


I also have some other lines but cannot see how they could block all users, or cause
sudo defaults to be ignored.
Defaults requiretty, use_pty
A Linux console meets the requirements of requiretty, doesn't it??

sudo -L
indicates that these things should be settable.

These recent changes did not change how sudo works. I have not successfully used sudo, even when it had only the root line and %users line for "/sbin/shutdown -t now".

EDDY1 06-16-2014 03:38 PM

Instead of

manageruser ALL: (ALL) ALL

Should be

<username> ALL=(ALL:ALL) ALL
or just copy the ALL the same way it's written for root.
Also I usually put my listing right under the root entry.

jefro 06-16-2014 09:26 PM

Did you see this? http://gnu-linux-slackware.blogspot....oers-file.html

I'll assume wheel has access to most root commands in slack.

selfprogrammed 06-16-2014 10:04 PM

Sorry, I typed it wrong in this forum, it is = in the sudoers file. It would have detected errors if I was using colons.

I turned off the requiretty line and added some more
lines with variations of manageruser. I did manage to get "sudo -l" to give results, but it seems to ignore the original manageruser line, and it ignores all the group permissive commands.

These three commands all work, and apparently at least one is necessary to
enable "sudo -l" for the manageruser.
manageruser ALL=(ALL) /sbin/lspci
manageruser localhost=(ALL) /sbin/lsmod
manageruser ALL=(ADMIN) /bin/powertop

This line does not work, and does not enable "sudo -l" to work.
manageruser localhost=(ADMIN) NOPASSWD: DUMPS, SHUTDOWN, PRINTING

However it does not give any errors.
It must be the Alias or the commas ??

This is also ignored in the "sudo -l" listing, even though manageruser is a power group member.
%power localhost= NOPASSWD: SHUTDOWN

The "sudo -l" listing does list the mailto and !mail_no_user as applying to the user.
But the "sudo -V" command gives different results that look like compiled defaults.

The slackware blog about wheel is information I already knew (and some other groups like users, sudo, and power).
I have more specific groups.
But, I cannot use any such command if groups are going to be ignored by sudo.

So, if you are using such a sudo group command, what does "sudo -l" show for you for a user that is only in the wheel group or the sudo group and has no more specific sudo lines?

saivinoba 06-17-2014 07:58 AM

Hi,

Sorry, but your post is confusing to read (for me). Not using code/quote tags is also a problem. It's not clear what exactly the problem is. From what I have understood,
1. sudo command is not working for you (for your username)
2. you created a test account 'manageruser' but it would not work even with that user account
3. some commands seem to work, e.g. manageruser ALL=(ALL) /sbin/lspci
4. some commands, especially aliases, don't work, e.g. manageruser localhost=(ADMIN) NOPASSWD: DUMPS, SHUTDOWN, PRINTING

You can verify that,
1. your users are members of group wheel (or sudo)
2. relevant line (e.g. %wheel ALL=(ALL) ALL) is not commented out.
3. There are no typos or other mistakes in the file. For example,
a) It's Cmnd_Alias not Cmd_Alias
b) The commands should be comma separated. "Cmd_Alias SHUTDOWN= /sbin/shutdown /usr/sbin/halt /sbin/reboot"
4. In the line "manageruser localhost=(ADMIN) NOPASSWD: DUMPS, SHUTDOWN, PRINTING", ADMIN is runas alias. Have you defined it?

Post your /etc/sudoers file (wrapped in code tags, of course :). It would be easy to see if there are any mistakes in that file. Have you gone through Sudoers Configuration HowTo already?

selfprogrammed 06-17-2014 06:29 PM

Solved:

localhost is the problem. It is not recognized by sudo as a machine, yet it is not an error.
I have localhost defined (/etc/hosts), but the actual machine name is something else ( /etc/HOSTNAME ).

Created an alias (LOCAL) with the right name, and that has solved most user problems.
Of course, then I find the two lines in the man page that says localhost will not be recognized unless you actually have named your machine "localhost".

I got the localhost name from the example lines that were in sudoers file that Slackware and sudo installed.

Running "sudo -V" still does not print out the right settings, but "sudo -l" does.
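
As an added illustration of the cause found in this thread (not code from any poster or from the sudo project): a small Python check that flags sudoers entries whose host field does not name the local machine, plus alias lines with a misspelled keyword. The host name darkstar and the SAMPLE text are constructed; line continuations, netgroups, IP addresses, wildcards and negated hosts are not evaluated.

```python
import re
import socket
ALIAS_KEYWORDS = {"User_Alias", "Runas_Alias", "Host_Alias", "Cmnd_Alias"}

def lint_sudoers(text, hostname=None):
    """Return [(line_no, message)] for entries that will not apply on this host."""
    hostname = (hostname or socket.gethostname()).lower()
    local_names = {hostname, hostname.split(".")[0]}
    rows = [(n, s.strip()) for n, s in enumerate(text.splitlines(), 1)]
    rows = [(n, s) for n, s in rows if s and not s.startswith("#")]
    # Pass 1: collect "Host_Alias NAME = member, member" definitions.
    host_aliases = {}
    for _, line in rows:
        m = re.match(r"Host_Alias\s+(\w+)\s*=\s*(.*)", line)
        if m:
            host_aliases[m.group(1)] = [h.strip() for h in m.group(2).split(",")]

    def direct(h):  # ALL, or this machine's own name (short or full)
        return h == "ALL" or h.lower() in local_names
    def host_matches(h):  # direct match, or a Host_Alias with a matching member
        return direct(h) or any(direct(x) for x in host_aliases.get(h, ()))

    findings = []
    for n, line in rows:
        first = line.split()[0]
        if first in ALIAS_KEYWORDS or first.startswith("Defaults"):
            continue
        if first.endswith("_Alias"):  # e.g. Cmd_Alias instead of Cmnd_Alias
            findings.append((n, f"'{first}' is not a sudoers alias keyword"))
            continue
        m = re.match(r"\S+\s+([^=]+?)\s*=", line)  # "who HOSTS = ..."
        if m:
            hosts = [h.strip() for h in m.group(1).split(",")]
            if not any(host_matches(h) for h in hosts):
                findings.append((n, f"hosts {hosts} do not name this machine ({hostname})"))
    return findings

# Constructed sample built from lines quoted in the thread; "darkstar" is a made-up host name.
SAMPLE = """\
root ALL=(ALL) ALL
Cmd_Alias SHUTDOWN= /sbin/shutdown /usr/sbin/halt /sbin/reboot
%power localhost= (ALL) SHUTDOWN
manageruser ALL=(ALL) /sbin/lspci
Host_Alias LOCAL = darkstar
manageruser LOCAL=(ALL) /sbin/lsmod
"""

if __name__ == "__main__":
    print(lint_sudoers(SAMPLE, "darkstar"))
```

Run against a copy of the real file with no hostname argument, it compares each rule's host list with what `socket.gethostname()` reports for the machine.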

