Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I need to configure the sudoers file so that user apache has access to the adduser script, and can run it. Yep, you read it right, I have a PHP page that needs to have the ability to add users to the system. Gotta love it, eh?
anyhew, here's what I have:
apache ALL = NOPASSWD: /usr/sbin/addusers
Well, either this don't work or somehow I need to reset sudo to re-read this file.
This may seem like a dumb question, but are you running apache as the user apache? I am also running slack 9.1, and by default, when root starts apache it starts the sub-processes that run as user nobody. So, unless you changed it to run as user apache, that may be the problem.
Presuming you have created the apache user and thats not the problem, can you log in as the apache user and use the sudo command? I think that it may ask you for a password the first time you try to sudo, even if NOPASSWD is set. After that, it should not prompt again.
Also, on another note, you may want to use the useradd, instead of adduser. adduser asks for the information, whereas useradd allows you to specify the options on the command line.
Correct me if I am wrong. Shouldn't you run the command useradd as opposed to adduser. I know adduser works but useradd seems to offer more options to my knowledge. Also when prompted for a password, are you being prompted to access the page or being prompted to add a password for the user you are adding. By default useradd doesn't require a password string since it assumes you may run passwd.