visudo
Hi guys
well i am trying to edit the sudoers file using visudo, i uncommented the lines that prevent users from using the mount command without root password, when i try to mount cd's without root password i still get a message saying that i require the root password. how can i fix this issue.........im trying to do this with suse 10.2 ubuntu and slackware 11....... |
Please post the exact line from sudoers and exact command you type. I hope you prepended sudo to the command, for example, and sudoers file does not require users to belong to group you don't have on the box.
|
This is what my sudoers file look like.
# sudoers file. # # This file MUST be edited with the 'visudo' command as root. # # See the sudoers man page for the details on how to write a sudoers file. # # Host alias specification # User alias specification # Cmnd alias specification # Defaults specification # prevent environment variables from influencing programs in an # unexpected or harmful way (CVE-2005-2959, CVE-2005-4158, # CVE-2006-0151) Defaults always_set_home Defaults env_reset # In the default (unconfigured) configuration, sudo asks for the root password. # This allows use of an ordinary user account for administration of a freshly # installed system. When configuring sudo, delete the two # following lines: Defaults targetpw # ask for the password of the target user i.e. root ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'! # Runas alias specification # User privilege specification root ALL=(ALL) ALL # Uncomment to allow people in group wheel to run all commands %wheel ALL=(ALL) ALL # Same thing without a password %wheel ALL=(ALL) NOPASSWD: ALL # Samples %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom %users localhost=/sbin/shutdown -h now well that i did was uncomment the last few lines as you can see.........then i tried to mount a cd and i got the error message. |
Looking at other examples in my default sudoers file use it like this.
%users ALL=NOPASSWD: /sbin/ifdown, /sbin/ifup, /bin/mount Brian |
I am not sure if %users includes every user. I guess it is considered ordinary UNIX user group.
Also targetpw is reducing sudo to su in some sense. |
Really it is better to just add the users to the wheel group so only a few have usage of certain commands instaed of giving it to all. Or create addtional groups and ad users to it and limit the commands.
Brian |
Could anyone post there sudoers file? Smb4k screwed mine all up.
|
Code:
# sudoers file. |
Thanks for the quick response
|
All times are GMT -5. The time now is 03:58 AM. |