LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
Reload this Page sudo - nopasswdf
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 10-07-2006, 09:03 AM   #1
RGummi
Member
 
Registered: Nov 2005
Posts: 90

Rep: Reputation: 15
sudo - nopasswdf

Hello,

how must I modify my sudoers so I can start/stop the cron job without typing a password?

Here my sudoers file:

Code:
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification

# Cmnd alias specification

# Defaults specification

# prevent environment variables from influencing programs in an
# unexpected or harmful way (CVE-2005-2959, CVE-2005-4158,
# CVE-2006-0151)
Defaults always_set_home
Defaults env_reset

# In the default (unconfigured) configuration, sudo asks for the root password.
# This allows use of an ordinary user account for administration of a freshly
# installed system. When configuring sudo, delete the two
# following lines:
# Defaults targetpw    # ask for the password of the target user i.e. root
# ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!

# Runas alias specification

# User privilege specification
root	ALL=(ALL) ALL

# Uncomment to allow people in group wheel to run all commands
# %wheel	ALL=(ALL)	ALL

# Same thing without a password
# %wheel	ALL=(ALL)	NOPASSWD: ALL

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now

rgummi localhost=NOPASSWD: /etc/init.d/cron
This works but I must enter my user password! It seems that NOPASSWD: is useless!
Ok I can use the -S option give the password in my script, but I think there must be an other way.

Thanks
Last edited by RGummi; 10-07-2006 at 09:05 AM.
 
Old 10-07-2006, 09:38 AM   #2
TruongAn
Member
 
Registered: Dec 2004
Location: Vietnam (Việt Nam)
Distribution: Gentoo (desktop), Arch linux (laptop)
Posts: 728

Rep: Reputation: 33
Sudo without typing password is a security hole, I personally don't think sudo can be configured to allowed
 
Old 10-07-2006, 12:33 PM   #3
frob23
Senior Member
 
Registered: Jan 2004
Location: Roughly 29.467N / 81.206W
Distribution: OpenBSD, Debian, FreeBSD
Posts: 1,450

Rep: Reputation: 48
Code:
rgummi localhost = NOPASSWD: /etc/init.d/cron
You had a typo in the file. I am pretty sure that the space is important here.

If that is not the problem then something else is happening because I have similar rules that work just fine.
Last edited by frob23; 10-07-2006 at 12:39 PM.
 
Old 10-08-2006, 03:33 AM   #4
RGummi
Member
 
Registered: Nov 2005
Posts: 90

Original Poster
Rep: Reputation: 15
Hi,

now I have tried

rgummi ALL=NOPASSWD: /etc/init.d/cron

with a tab between rgumi and ALL, this works! But it does not work with localhost instead of ALL.
By the way is there a good documentation available with examples? The man pages are too theoretically!

RGummi
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Restricting Editing in Sudo (Advanced Sudo Question) LinuxGeek Linux - Software 4 11-04-2006 03:20 PM
Sudo without having to type "sudo?" Mitch G Linux - Security 3 09-28-2006 02:16 PM
sudo omry_y Debian 4 10-06-2004 09:01 AM
sudo pk21 Linux - Newbie 7 10-07-2003 07:53 AM
need help with sudo mla Linux - Software 4 10-02-2003 11:05 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 02:51 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration