LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-16-2010, 07:44 AM   #1
hurryi
Member
 
Registered: Apr 2010
Distribution: RHEL
Posts: 77

Rep: Reputation: 7
sudoers


Hello,

Can someone tell me what is the difference if the NOPASSWD option enabled or disabled in the sudoers file?

I mean i know that no password required to execute the command if its enabled,
but if its not there it will ask for the user's password not for the root pw. ( because thats how it works to protect the root pw)

but i do not see its meaning, i mean if a user's account gets compromised,
it does not matter if NOPASSWD present or not,

if
NOPASSWD enabled
you can execute the commands which are defined

if
NOPASSWD not present
then i just need to type in the already compromised pw

also i read that sudo for trusted users

Can someone enlight me or give some examples how it can be a part of a good security?or why this NOPASSWD option exist, why it isnt a default value lets say

thanks,
hurryi
 
Old 10-16-2010, 07:48 AM   #2
jdkaye
LQ Guru
 
Registered: Dec 2008
Location: Westgate-on-Sea, Kent, UK
Distribution: Debian Testing Amd64
Posts: 5,464

Rep: Reputation: Disabled
Why should I hurry? I'm not in a rush. Read the Sticky at the top of this forum and maybe try a different thread title.
jdk
 
0 members found this post helpful.
Old 10-16-2010, 07:51 AM   #3
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,527

Rep: Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898
Quote:
Originally Posted by jdkaye View Post
Why should I hurry? I'm not in a rush. Read the Sticky at the top of this forum and maybe try a different thread title.
jdk
You know hurryi is his username, right?


Kind regards
 
Old 10-16-2010, 07:56 AM   #4
AlucardZero
Senior Member
 
Registered: May 2006
Location: USA
Distribution: Debian
Posts: 4,808

Rep: Reputation: 604Reputation: 604Reputation: 604Reputation: 604Reputation: 604Reputation: 604
You have it right. NOPASSWD is not the default so that someone doesn't walk up to your unattended, unlocked, user terminal and run commands as root.
 
Old 10-16-2010, 07:57 AM   #5
hurryi
Member
 
Registered: Apr 2010
Distribution: RHEL
Posts: 77

Original Poster
Rep: Reputation: 7
yep u should not hurry^^ take ur time and read slowly

hurryi^^
 
Old 10-16-2010, 07:58 AM   #6
hurryi
Member
 
Registered: Apr 2010
Distribution: RHEL
Posts: 77

Original Poster
Rep: Reputation: 7
Quote:
Originally Posted by AlucardZero View Post
You have it right. NOPASSWD is not the default so that someone doesn't walk up to your unattended, unlocked, user terminal and run commands as root.
then he just needs to change the user pw? and then he knows the pw
still not clear
 
Old 10-16-2010, 08:15 AM   #7
hurryi
Member
 
Registered: Apr 2010
Distribution: RHEL
Posts: 77

Original Poster
Rep: Reputation: 7
or it make sense if the user not allowed to change pw
like with LDAP auth or something?
 
Old 10-16-2010, 09:36 AM   #8
AlucardZero
Senior Member
 
Registered: May 2006
Location: USA
Distribution: Debian
Posts: 4,808

Rep: Reputation: 604Reputation: 604Reputation: 604Reputation: 604Reputation: 604Reputation: 604
Users can't change their password without knowing their password. Try it.

Code:
alucard@karrde:~$ passwd
Changing password for alucard.
(current) UNIX password:
 
Old 10-16-2010, 09:43 AM   #9
hurryi
Member
 
Registered: Apr 2010
Distribution: RHEL
Posts: 77

Original Poster
Rep: Reputation: 7
yeh i forget that, you are right thx
 
Old 10-17-2010, 12:37 AM   #10
jdkaye
LQ Guru
 
Registered: Dec 2008
Location: Westgate-on-Sea, Kent, UK
Distribution: Debian Testing Amd64
Posts: 5,464

Rep: Reputation: Disabled

Total apologies, Hurryi. Brain malfunction alert. I read "hurryi" as "hurry!"
ciao,
jdk

Last edited by jdkaye; 10-17-2010 at 12:39 AM.
 
Old 10-17-2010, 04:27 PM   #11
hurryi
Member
 
Registered: Apr 2010
Distribution: RHEL
Posts: 77

Original Poster
Rep: Reputation: 7
no problem
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
help with sudoers sang_froid Linux - Security 11 09-13-2010 02:38 PM
/etc/sudoers vikas027 Linux - Server 12 06-30-2010 08:23 AM
sudoers madwac Linux - Newbie 1 03-10-2007 07:54 PM
I deleted /etc/sudoers and creates a new file call sudoers but now it doesnt for visu abefroman Linux - Software 1 11-10-2005 06:03 PM
sudoers usa1234 Linux - General 1 10-24-2004 04:07 PM


All times are GMT -5. The time now is 04:21 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration