LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-06-2008, 09:27 AM   #1
majkinetor
LQ Newbie
 
Registered: Nov 2008
Distribution: Ubuntu 8.04
Posts: 2

Rep: Reputation: 0
Sudoers problem


Hello.

What I want:
To be able to use sudo <cmd> without password prompt.

What I did:
This is the content of my sudoers file:

Code:
Defaults        env_reset

# Uncomment to allow members of group sudo to not need a password
%sudo ALL=NOPASSWD: ALL

# User privilege specification
root    ALL=(ALL) ALL
mmilic  ALL=NOPASSWD: ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
I am in sudo group so i don't know why %sudo rule doesn't work.
Code:
$ id mmilic
uid=1000(mmilic) gid=1000(mmilic) groups=1000(mmilic), 1001(sudo) ....
I also don't know why user privilege spec doesn't work.

Alternatively, I tried to do the same thing with expect.My idea was to create script that will automatically put password if sudo session is over. If I call that script refresh_sudo, I would then be able to use this in my shell scripts in this way:
Code:
#!/bin/bash
refresh_sudo
sudo apt_get install $1
sudo <cmd...>
...
The exp script is:
Code:
#!/usr/bin/expect -f

spawn sudo echo session is active ?
expect {
  "password" { send "mypassword\r" }
  "session is active ?" {}
}
exit
and it also didn't help...

I appreciate any help.
Thanks.
 
Old 11-07-2008, 02:37 AM   #2
Simon Bridge
LQ Guru
 
Registered: Oct 2003
Location: Waiheke NZ
Distribution: Ubuntu
Posts: 9,211

Rep: Reputation: 198Reputation: 198
It is strongly discouraged to allow any user to operate sudo without a password, including yourself. Note - if you do a lot of sudoing in one go, you need your password only the once for the sudo session anyway.

You con increase the timeout period if you want - but remember to explicitly kill the session after.

There is often sudo su - to get you a root shell.

If you find yourself routinely running commands that you need scripts to handle them, consider organizing things so they can be run as cron jobs.

Similarly for scripts - let root run root scripts - not users.

You have a world-class secure OS there, please do not dismantle the very features keeping all of us safer. Look for another way to acheive your ends. Thanks.

Back to your question:
In what way are the changes you made "not working"? (eg. Can you still use sudo - but still need a password, or can you not sudo at all now?)

Did you logout/login after making the changes?
 
Old 11-07-2008, 08:36 AM   #3
majkinetor
LQ Newbie
 
Registered: Nov 2008
Distribution: Ubuntu 8.04
Posts: 2

Original Poster
Rep: Reputation: 0
Quote:
It is strongly discouraged to allow any user to operate sudo without a password, including yourself. Note - if you do a lot of sudoing in one go, you need your password only the once for the sudo session anyway.

You con increase the timeout period if you want - but remember to explicitly kill the session after.
There is often sudo su - to get you a root shell.
If you find yourself routinely running commands that you need scripts to handle them, consider organizing things so they can be run as cron jobs.
Similarly for scripts - let root run root scripts - not users.
You have a world-class secure OS there, please do not dismantle the very features keeping all of us safer. Look for another way to acheive your ends. Thanks.
I am running experimental system on VM and its security is not important at all. I am the only user. In other words, I don't care about "world-class secure OS" feature of Ubuntu atm. I just care about repeating password every 15 minutes.

Quote:
In what way are the changes you made "not working"? (eg. Can you still use sudo - but still need a password, or can you not sudo at all now?)
Did you logout/login after making the changes?
They are not working related to my original wish. It still requires password.
I think I did restart the system, but I am not sure. I will check it out again and post it here if that fixes the problem. I didn't know you need to logout for this to take effect.

About exp script it always asks for password, even if run multiple times. Actually, since automation is one of my primary ways of expression, I would really like to know what is the problem with exp script and to see version that works. I already explained what I am trying to achieve - refresh_sudo when called will either return if sudo session is still active or open another sudo session if not, by automatically filling in password.

Thanks
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
/etc/sudoers problem john83reuben Linux - Newbie 1 04-13-2008 08:19 AM
/etc/sudoers problem Braynid Linux - Newbie 4 10-21-2006 10:11 AM
I deleted /etc/sudoers and creates a new file call sudoers but now it doesnt for visu abefroman Linux - Software 1 11-10-2005 06:03 PM
Sudoers problem hinetvenkat Linux - Security 3 05-14-2005 12:47 PM
sudoers problem kzar Linux - General 5 12-09-2004 05:59 PM


All times are GMT -5. The time now is 04:12 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration