LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-29-2004, 09:29 PM   #1
jhermans
LQ Newbie
 
Registered: Aug 2004
Posts: 6

Rep: Reputation: 0
Sudo authorizes me with incorrect password?


I am trying to set up sudo, and I have succeeded, but I have reason to believe it's not working the way I want. My username is jherm, and I have tried adding stuff to my sudoers file. Sudo then works from user jherm, but when it prompts me for a password, and I enter ROOT password, it fails, but when I enter my own user's password, it works?

I thought the point of sudo was to run commands as root, like su, but for just one command. Why would su ask me for root's password, and work, but sudo not work when I entered ROOT's password?

Can you tell me what to add to make sudo do what I want it to do?

Code:
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification

# Cmnd alias specification

# Defaults specification

# User privilege specification
root		ALL=(ALL) ALL
jherm		ALL=(ALL) ALL

# Uncomment to allow people in group wheel to run all commands
%wheel		ALL=(ALL)       ALL

# Same thing without a password
# %wheel	ALL=(ALL)       NOPASSWD: ALL

# Samples
# %users	ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
 
Old 08-29-2004, 09:35 PM   #2
ranger_nemo
Senior Member
 
Registered: Feb 2003
Location: N'rn WI -- USA
Distribution: Kubuntu 8.04, ClarkConnect 4
Posts: 1,142

Rep: Reputation: 47
sudo is more secure, because root controls what users can do, and they don't know root's password. If sudo required root's password, users would be able to just login as root and do whatever they want, rather than only what root has allowed them to do with sudo.

It's also secure because if somebody gets onto your computer while you step away for a minute, they still need your password to sudo anything. Or, if you get a nasty program off the internet, and run it as a user, if it has a sudo command in it, it will ask for your password, and you'll know something's up. That's one reason you shouldn't set any users with NOPASSWD in sudoers conf file.

Last edited by ranger_nemo; 08-29-2004 at 09:37 PM.
 
Old 08-29-2004, 09:49 PM   #3
jhermans
LQ Newbie
 
Registered: Aug 2004
Posts: 6

Original Poster
Rep: Reputation: 0
Alright, so now I get it, sudo doesn't ask for root's password because root has already authorized me to sudo some command via the sudoers file.

Still, that doesn't solve my problem. If anyone has any ideas, please post.
 
Old 08-29-2004, 10:05 PM   #4
ilde
LQ Newbie
 
Registered: Aug 2004
Location: Mexico
Distribution: Debian
Posts: 16

Rep: Reputation: 0
A sample sudoers file

# User alias specification
User_Alias ILDE = ilde
User_Alias STAFF = anita,fanny
User_Alias ADMIN = ilde,jules

# Cmnd alias specification
Cmnd_Alias SHUTDOWN=/sbin/shutdown
Cmnd_Alias IFCONFIG=/sbin/ifconfig
Cmnd_Alias PON=/usr/bin/pon
Cmnd_Alias POFF=/usr/bin/poff
Cmnd_Alias PLOG=/usr/bin/plog
Cmnd_Alias LPQ=/usr/bin/lpq
Cmnd_Alias PING=/bin/ping
...
...

# User privilege specification
root ALL=(ALL) ALL
ILDE ALL=NOPASSWD: SHUTDOWN,UPDATEDB
STAFF ALL=NOPASSWD: SHUTDOWN,IFCONFIG,PON,POFF,LPC,MOUNT,UMOUNT,LPRM
ADMIN ALL=NOPASSWD: ADDUSER,DELUSER,PING,APTGET,DSELECT,MKE2FS
 
Old 08-29-2004, 10:15 PM   #5
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 76
You (jherm) already have access to run any command as any user. What isn't working about it?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
sudo password...? yubimusubi Linux - General 15 09-04-2009 01:08 AM
login incorrect before password ourlinuxid Linux - Security 4 01-22-2005 02:35 AM
make sudo ask for a password andy753421 Linux - Security 1 01-13-2005 08:32 PM
incorrect password (can single, but can't su) david_reno Linux - Software 2 06-19-2003 10:42 PM
incorrect password when logging in as su - DMB Linux - General 3 07-09-2002 04:00 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:25 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration