LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Closed Thread
  Search this Thread
Old 07-08-2006, 05:14 AM   #1
Swift&Smart
Member
 
Registered: Jan 2003
Location: Hong Kong,China
Distribution: Slackware,OpenSUSE
Posts: 472

Rep: Reputation: 30
sudo permission denied


Hello,everyone.

Yesterday,I used sudo to do some administrative task as root.However,if I issue command "sudo -u user command",the computer told me that permission denied.And it's strange that when I issue this command without specifying user(I log in as that user),the command will go fine.

Do you guys have any experience of that one?Please guide.
 
Old 07-08-2006, 09:41 AM   #2
uselpa
Senior Member
 
Registered: Oct 2004
Location: Luxemburg
Distribution: Slackware, OS X
Posts: 1,507

Rep: Reputation: 47
Can you post the output of
Code:
cat /etc/sudoers | grep -v "^[:space:]*#" | grep -v "^[:space:]*$"
please?
 
Old 07-12-2006, 12:17 PM   #3
Swift&Smart
Member
 
Registered: Jan 2003
Location: Hong Kong,China
Distribution: Slackware,OpenSUSE
Posts: 472

Original Poster
Rep: Reputation: 30
my terminal responsed with these code:

Quote:
root ALL=(ALL) NOPASSWD:ALL
nobody localhost=(ALL) NOPASSWD:command_which_i_need_to_run
Any clue?
 
Old 07-12-2006, 01:34 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
Try using an unprivileged account with UID >= 500 (/etc/login.defs default):
Code:
swiftsmart localhost=(ALL) NOPASSWD: (nobody) command_to_run
Now if you do "sudo -l" as user "swiftsmart" you'll see you can "sudo -u nobody command_to_run".
Of course "nobody command_to_run" must be accessable as user nobody and maybe need cd /somewhere/else if it isn't allowed to output in the CWD.

Last edited by unSpawn; 07-12-2006 at 01:37 PM.
 
Old 07-13-2006, 12:11 AM   #5
Swift&Smart
Member
 
Registered: Jan 2003
Location: Hong Kong,China
Distribution: Slackware,OpenSUSE
Posts: 472

Original Poster
Rep: Reputation: 30
unSpawn,I need to clarify something.

Please correct me if I am wrong.SUDO is used to do some task which only root can do but use other account than root because of security concern.Is that right?If so,why can't user "nobody" uses command which root can run?How come the command should be accessible by nobody.Isn't it nobody is a substitute as root?

Please tell.
 
Old 07-13-2006, 02:05 AM   #6
uselpa
Senior Member
 
Registered: Oct 2004
Location: Luxemburg
Distribution: Slackware, OS X
Posts: 1,507

Rep: Reputation: 47
sudo can be configured to allow you to run commands as ANY OTHER user. root is just the most obvious use case, but you can also permit user U1 to run command C1 as user U2, where U2 can be root or nobody or whatever you like.
 
  


Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
can't execute c++ binaries, "permission denied"... even though permission is 777 SerfurJ Programming 14 02-20-2009 05:50 AM
sudo and smartctl /dev/hda permission problem on Slackware 10.2 emphaze Linux - General 2 06-21-2006 08:47 AM
Permission Denied Old Timer Programming 4 12-15-2005 04:23 PM
Permission Denied Deag^ Linux - Newbie 2 10-20-2004 03:14 PM
permission denied noir-gel Programming 8 11-17-2003 11:25 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 12:56 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration