LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 07-30-2004, 09:50 PM   #1
da_tibmeister
Member
 
Registered: Oct 2003
Distribution: SLES 9.3
Posts: 40

Rep: Reputation: 15
SUDO Problems


I need to configure the sudoers file so that user apache has access to the adduser script, and can run it. Yep, you read it right, I have a PHP page that needs to have the ability to add users to the system. Gotta love it, eh?

anyhew, here's what I have:
apache ALL = NOPASSWD: /usr/sbin/addusers

Well, either this don't work or somehow I need to reset sudo to re-read this file.


Thanks
 
Old 07-31-2004, 10:30 AM   #2
kadaver
Member
 
Registered: Nov 2003
Location: Beautiful Northern-sweden (Luleň)
Posts: 90

Rep: Reputation: 15
well, the command is called adduser, not addusers..
/usr/sbin/adduser
 
Old 07-31-2004, 10:49 AM   #3
da_tibmeister
Member
 
Registered: Oct 2003
Distribution: SLES 9.3
Posts: 40

Original Poster
Rep: Reputation: 15
Yes, typo on my part. My issue is I'm getting a password prompt, even though I put in the NOPASSWD: option, and this just won't work from a PHP page...
 
Old 08-03-2004, 05:42 PM   #4
shubb
Member
 
Registered: Oct 2003
Location: San Francisco
Distribution: Slackware 13.37
Posts: 150

Rep: Reputation: 16
This may seem like a dumb question, but are you running apache as the user apache? I am also running slack 9.1, and by default, when root starts apache it starts the sub-processes that run as user nobody. So, unless you changed it to run as user apache, that may be the problem.

Presuming you have created the apache user and thats not the problem, can you log in as the apache user and use the sudo command? I think that it may ask you for a password the first time you try to sudo, even if NOPASSWD is set. After that, it should not prompt again.


Also, on another note, you may want to use the useradd, instead of adduser. adduser asks for the information, whereas useradd allows you to specify the options on the command line.

Last edited by shubb; 08-03-2004 at 05:50 PM.
 
Old 08-03-2004, 07:54 PM   #5
da_tibmeister
Member
 
Registered: Oct 2003
Distribution: SLES 9.3
Posts: 40

Original Poster
Rep: Reputation: 15
Well, got the sudo problem gifured out, now to figure out the password problem, because with adduser, you have to pass the -p argument a pre-encrypted password.. Hmmm....
 
Old 08-03-2004, 08:01 PM   #6
Obie
Member
 
Registered: Apr 2004
Distribution: Red Hat
Posts: 290

Rep: Reputation: 30
Correct me if I am wrong. Shouldn't you run the command useradd as opposed to adduser. I know adduser works but useradd seems to offer more options to my knowledge. Also when prompted for a password, are you being prompted to access the page or being prompted to add a password for the user you are adding. By default useradd doesn't require a password string since it assumes you may run passwd.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Restricting Editing in Sudo (Advanced Sudo Question) LinuxGeek Linux - Software 4 11-04-2006 03:20 PM
sudo kaplan71 Suse/Novell 4 09-26-2005 10:42 AM
About sudo alnreddy Linux - Security 3 06-13-2005 12:53 PM
su and sudo muman Linux - Security 9 12-30-2004 10:55 AM
help with sudo raven Linux - General 7 01-27-2002 06:24 PM


All times are GMT -5. The time now is 01:03 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration