LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 03-19-2010, 05:35 PM   #1
ZAMO
Member
 
Registered: Mar 2007
Distribution: Redhat &CentOS
Posts: 579

Rep: Reputation: 30
sudo access denied


Hi all,

I have users white and swan, who can sudo to the user craig to execute some script there. User swan's password got expired and it was reset as well. he can be able to login to the server , but he is denied to sudo to the user craig.

Code:
[swan@serv1 ~]$ sudo su - craig
swan is not allowed to run sudo on serv1
The settings in /etc/sudoers remain the same. Do you need to look into some other files to get this fixed?

Thanks
 
Old 03-19-2010, 06:09 PM   #2
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
Is user swan's password current now?
Check the group memberships. Were they changed?

Also look in /var/log/messages for clues.
 
Old 03-19-2010, 06:52 PM   #3
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora, Lubuntu, FreeBSD
Posts: 3,930
Blog Entries: 5

Rep: Reputation: Disabled
On RH-family distros, also check /var/log/secure.

It might help if you posted the /etc/sudoers directives related to those users.

---

edit: Also, this looks like a strange usage of sudo...

Last edited by anomie; 03-19-2010 at 06:54 PM.
 
Old 03-20-2010, 12:58 PM   #4
ZAMO
Member
 
Registered: Mar 2007
Distribution: Redhat &CentOS
Posts: 579

Original Poster
Rep: Reputation: 30
Thanks for the Reply.

Analyzing the /var/log/secure and /var/log/message did not help. If someone has experienced this sudo login issue here, please share your ideas.

Thanks
 
Old 03-20-2010, 05:28 PM   #5
PTrenholme
Senior Member
 
Registered: Dec 2004
Location: Olympia, WA, USA
Distribution: Fedora, (K)Ubuntu
Posts: 4,151

Rep: Reputation: 331Reputation: 331Reputation: 331Reputation: 331
How can we have any ideas when you fail to follow the advice posted by anomie?

Why should they need to sudo craig when you could put white, swan and craig in the same group, say craig_script_users (created de novo if necessary), and then do a chown craig:craig_script_users <script> and a chmod g=rx <script> so any member of the craig_script_users group can run the script? (I think that this is why anomie added the comment to the post above.)

Or, even easier, just link the script from /usr/bin and give everyone x permission on the script (unless, of course, there are some users who should not be able to run the script).
 
1 members found this post helpful.
Old 03-21-2010, 05:48 PM   #6
jim80net
LQ Newbie
 
Registered: May 2009
Location: San Antonio, TX
Distribution: Debian
Posts: 15

Rep: Reputation: 1
What PTrenholme writes makes sense, unless there's a reason to be giving root level privileges to your users.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
sudo and >>: permission denied mcd Linux - Software 2 06-25-2008 03:30 PM
Access denied when attempting access samba share warlockvix Linux - Software 1 05-11-2007 02:36 PM
sudo - permission denied! yogaboy Linux - Newbie 5 12-28-2006 11:58 PM
sudo permission denied Swift&Smart Slackware 5 07-13-2006 01:05 AM
getting access denied , when trying to access camera as normal user bennythepitbull Linux - Hardware 2 11-04-2003 02:30 AM


All times are GMT -5. The time now is 06:42 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration