On Sun, Jan 19, 2014 at 6:12 PM, Mauricio Tavares wrote:
> So I have this centos 5.10 box which authenticates network users
> against ldap(authorizing)+kerberos(authentication). And I now would
> like to have sudo be able to allow admins (netgroup chinbeards) to
> sudo about. I am not using sssd t
So I have this centos 5.10 box which authenticates network users
against ldap(authorizing)+kerberos(authentication). And I now would
like to have sudo be able to allow admins (netgroup chinbeards) to
sudo about. I am not using sssd though (yet).
Here is the output of me trying sudo (debug on):
[r
Some notes:
Every time you "echo $?", you are wiping out the return status (because
echo returns a success and changes $? to 0), so none of your if statements
will ever catch any errors.
Consider getting rid of the 'if' subtrees by negating your condition, which
will make it much easier to unders
Consider using the NOPASSWD option, on the remote systems, to allow this
particular use to run this particular script.
--
Mike Burger
http://www.bubbanfriends.org
"It's always suicide-mission this, save-the-planet that. No one ever just
stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1
Consider using the NOPASSWD option, on the remote systems, to allow this
particular use to run this particular script.
--
Mike Burger
http://www.bubbanfriends.org
"It's always suicide-mission this, save-the-planet that. No one ever just
stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1
Hello list,
I took another stab at finding a way to add a sudo user remotely and it
gets you most of the way there. If you execute the script as root it works
beautifully and does just what you want. Which is add the user to the
group and gives that user group rights to certain commands.
But if
On Fri, Nov 09, 2012 at 11:37:34AM +1300, Gregory Machin wrote:
> line 117| greg ALL = /bin/chown -R root:root /opt
> line 118| greg ALL = /usr/bin/setfact -R -m u:greg.reeve:rwx /opt
> line 119| greg ALL = /usr/bin/setfact -d -R -m u:greg.reeve:rwx /opt
Try putting a \ in front of all
Hi.
I have a user that I want to limit to only running a couple of commands ...
As in here user just copy and paste where needed , sorry thats all your
allowed to do ... but thus far I can't get the syntax correct for the
sudoers file
line 115| greg ALL = /bin/chmod -R o+rx /opt
line 116| gre
From: Sven Aluoor
> On Tue, Sep 20, 2011 at 1:48 PM, John Doe wrote:
>> Tried with -- ?
>> Maybe replace the last * with [! ]*
> doesn't work. Any other idea?
I tried the following in /etc/sudoers:
myuser ALL=/o*/te*
And cat /opt/test
#!/bin/bash
echo "$*"
touch /root/test
Then:
On Tue, Sep 20, 2011 at 1:48 PM, John Doe wrote:
> Tried with -- ?
> Maybe replace the last * with [! ]*
doesn't work. Any other idea?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
From: Sven Aluoor
I allow the user tommy to run this command as root
> sudoCommand: /app/appname/connectors/*/*/current/bin/*
> $ sudo /app/appname/connectors/zur/namename/current/bin/othername
> agentsvc --i --u root --sn 1m7command
> Sorry, user tommy is not allowed to execute
> '/app/appname/
Hi folks
I allow the user tommy to run this command as root
sudoCommand: /app/appname/connectors/*/*/current/bin/*
With "sudo -l" he sees the sudoers, but is unable to execute.
$ sudo /app/appname/connectors/zur/namename/current/bin/othername
agentsvc --i --u root --sn 1m7command
Sorry, user to
On Wed, Jul 27, 2011 at 7:39 AM, Craig White wrote:
> On Tue, 2011-07-26 at 15:59 -0500, Trey Dockendorf wrote:
> > Well I verified that putting the following line in /etc/sudoers works
> >
> >
> > zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet
> >
> >
> > However if I put it in /etc/sudoe
On Tue, 2011-07-26 at 15:59 -0500, Trey Dockendorf wrote:
> Well I verified that putting the following line in /etc/sudoers works
>
>
> zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet
>
>
> However if I put it in /etc/sudoers.d/zabbix-puppet it does not.
> Exact same spacing and everythi
Well I verified that putting the following line in /etc/sudoers works
zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet
However if I put it in /etc/sudoers.d/zabbix-puppet it does not. Exact same
spacing and everything.
The file was created with Puppet , and based on these errors I'm at a
l
On 07/25/11 4:41 PM, Trey Dockendorf wrote:
> I am unable to get the #includedir function to work with sudo. This
> works just fine on all my CentOS 5.6 servers, but on 6 it is being
> ignored. I have this line in the file /etc/sudoers.d/zabbix-puppet
>
> zabbix ALL=NOPASSWD: /var/lib/zabbix/bi
On Mon, Jul 25, 2011 at 7:41 PM, Trey Dockendorf wrote:
>
> I am unable to get the #includedir function to work with sudo. This works
> just fine on all my CentOS 5.6 servers, but on 6 it is being ignored. I
> have this line in the file /etc/sudoers.d/zabbix-puppet
> zabbix ALL=NOPASSWD: /var/li
Correction, seems to be broken in 5.6 as well...I also had this interesting
argument with sudo...
# visudo -c -f /etc/sudoers.d/zabbix-puppet
>>> /etc/sudoers.d/zabbix-puppet: syntax error near line 0 <<<
parse error in /etc/sudoers.d/zabbix-puppet near line 0
(((NOTE: I made absolutely no change
I am unable to get the #includedir function to work with sudo. This works
just fine on all my CentOS 5.6 servers, but on 6 it is being ignored. I
have this line in the file /etc/sudoers.d/zabbix-puppet
zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet
However sudo still requires a password.
On Fri, Dec 10, 2010 at 8:43 AM, Steve Clark wrote:
> Hi,
>
> I have a confusing problem. I have two centos 5,5 boxes. Both have
> sudo.i386 1.7.2p1-9.el5_5
> installed
>
> I am using the same sudoers file, but the one on box A keeps trying to do
> DNS lookups
> whil
On Fri, Dec 10, 2010 at 2:23 PM, Steve Clark wrote:
> On 12/10/2010 10:40 AM, Tom H wrote:
> On Fri, Dec 10, 2010 at 8:43 AM, Steve Clark wrote:
>>>
>>> I have a confusing problem. I have two centos 5,5 boxes. Both have
>>> sudo.i386 1.7.2p1-9.el5_5
>>> installed
>>
On 12/10/2010 10:40 AM, Tom H wrote:
On Fri, Dec 10, 2010 at 8:43 AM, Steve Clark wrote:
I have a confusing problem. I have two centos 5,5 boxes. Both have
sudo.i3861.7.2p1-9.el5_5
installed
I am using the same sudoers file, but the one on box A keeps trying
On Fri, Dec 10, 2010 at 8:43 AM, Steve Clark wrote:
>
> I have a confusing problem. I have two centos 5,5 boxes. Both have
> sudo.i386 1.7.2p1-9.el5_5
> installed
>
> I am using the same sudoers file, but the one on box A keeps trying to do
> DNS lookups while the on
On Fri, 10 Dec 2010, Scott Robbins wrote:
> Just to eliminate other possibilities--are either of these
> authenticating against an LDAP server?
That was entirely the line I was probing. nsswitch.conf would be telling.
jh
___
CentOS mailing list
CentOS
From: Steve Clark
> Without the:
> Defaults fqdn
> it hangs for a long time, this is when I don't have connection to the net,
> if I have connection there is just a slight pause while tries to do the DNS
> lookup.
Did you compare the following files between both servers?
/etc/hosts
/etc/reso
On Fri, Dec 10, 2010 at 02:53:19PM +, John Hodrien wrote:
> On Fri, 10 Dec 2010, Steve Clark wrote:
>
> > it hangs for a long time, this is when I don't have connection to the net,
> > if I have connection there is just a slight pause while tries to do the DNS
> > lookup.
>
> What makes you
On Fri, 10 Dec 2010, Steve Clark wrote:
> it hangs for a long time, this is when I don't have connection to the net,
> if I have connection there is just a slight pause while tries to do the DNS
> lookup.
What makes you sure it's a DNS lookup that causes the long hang when there's
no network conn
On 12/10/2010 09:04 AM, John Doe wrote:
From: Steve Clark
I have a confusing problem. I have two centos 5,5 boxes. Both have
sudo.i3861.7.2p1-9.el5_5
installed
I am using the same sudoers file, but the one on box A keeps trying to do DNS
lookups
wh
From: Steve Clark
>I have a confusing problem. I have two centos 5,5 boxes. Both have
>sudo.i3861.7.2p1-9.el5_5
installed
>I am using the same sudoers file, but the one on box A keeps trying to do DNS
>lookups
>while the one on box B does not. How do
OS mailing list
*Subject:* [CentOS] sudo doing DNS lookup
Hi,
I have a confusing problem. I have two centos 5,5 boxes. Both have
sudo.i3861.7.2p1-9.el5_5
installed
I am using the same sudoers file, but the one on box A keeps trying to
do DNS look
Maybe I am missing something here.. but what does 'sudo' have to do with
DNS resolution?
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
Behalf Of Steve Clark
Sent: Friday, December 10, 2010 7:44 AM
To: CentOS mailing list
Subject: [CentOS] sudo doing DNS loo
Hi,
I have a confusing problem. I have two centos 5,5 boxes. Both have
sudo.i3861.7.2p1-9.el5_5
installed
I am using the same sudoers file, but the one on box A keeps trying to
do DNS lookups
while the one on box B does not. How do I disable this
On Thu, Oct 7, 2010 at 11:35 PM, David Goldsmith wrote:
> On 10/7/2010 9:59 PM, Tom H wrote:
>> On Thu, Oct 7, 2010 at 9:48 PM, David Goldsmith wrote:
>>> On 10/7/2010 9:25 PM, Tom H wrote:
On Thu, Oct 7, 2010 at 7:20 PM, David Goldsmith
wrote:
> Two servers, each have normal user
David Goldsmith wrote on 10/08/2010 09:09 AM:
...
> Since the sudo 1.6.9 systems don't like seeing that line in their config
> file, I either need to get all the systems upgraded to 1.7.2 or modify
> Puppet to push different versions of the /etc/sudoers depending on what
> version of sudo is instal
On 10/8/2010 4:42 AM, John Doe wrote:
> From: David Goldsmith
>
>> On the first server (CentOS 5.4 i386) running sudo 1.6.9pl7-5 (from
>> base), here are the results of touching a file as a user, as root and as
>> a user sudoing to root:
>> On the second server (CentOS x86-64) running sudo 1.7
From: David Goldsmith
> On the first server (CentOS 5.4 i386) running sudo 1.6.9pl7-5 (from
> base), here are the results of touching a file as a user, as root and as
> a user sudoing to root:
> On the second server (CentOS x86-64) running sudo 1.7.2p1-7 (from
> updates), here are the results
On 10/7/2010 9:59 PM, Tom H wrote:
> On Thu, Oct 7, 2010 at 9:48 PM, David Goldsmith wrote:
>> On 10/7/2010 9:25 PM, Tom H wrote:
>>> On Thu, Oct 7, 2010 at 7:20 PM, David Goldsmith wrote:
Two servers, each have normal user umask values of 0077 and root umask
values on 0022.
O
On Thu, Oct 7, 2010 at 9:48 PM, David Goldsmith wrote:
> On 10/7/2010 9:25 PM, Tom H wrote:
>> On Thu, Oct 7, 2010 at 7:20 PM, David Goldsmith wrote:
>>> Two servers, each have normal user umask values of 0077 and root umask
>>> values on 0022.
>>>
>>> On the first server (CentOS 5.4 i386) runnin
On 10/7/2010 9:25 PM, Tom H wrote:
> On Thu, Oct 7, 2010 at 7:20 PM, David Goldsmith wrote:
>> Two servers, each have normal user umask values of 0077 and root umask
>> values on 0022.
>>
>> On the first server (CentOS 5.4 i386) running sudo 1.6.9pl7-5 (from
>> base), here are the results of touch
On Thu, Oct 7, 2010 at 7:20 PM, David Goldsmith wrote:
> Two servers, each have normal user umask values of 0077 and root umask
> values on 0022.
>
> On the first server (CentOS 5.4 i386) running sudo 1.6.9pl7-5 (from
> base), here are the results of touching a file as a user, as root and as
> a u
Two servers, each have normal user umask values of 0077 and root umask
values on 0022.
On the first server (CentOS 5.4 i386) running sudo 1.6.9pl7-5 (from
base), here are the results of touching a file as a user, as root and as
a user sudoing to root:
user: touch file- result is 600
root:
Em 24-02-2010 00:22, David McGuffey escreveu:
> I've done everything stated in the various guidance to get a regular
> user to use virt-manager (graphical Virtual Machine Manager) under
> CentOS 5.4 with KVM. Placing the user in the kvm group and changing
> permissions on several files to include
I've done everything stated in the various guidance to get a regular
user to use virt-manager (graphical Virtual Machine Manager) under
CentOS 5.4 with KVM. Placing the user in the kvm group and changing
permissions on several files to include kvm has not worked...the user
still needs to enter the
Are you trying to run sudo when logged in as root? sudo is only used by
non root users.
Robert Heller wrote:
> At Fri, 23 Oct 2009 10:50:38 +0530 CentOS mailing list
> wrote:
>
>
>>
>> Hi guys,
>> Thanks
>>
>> What i am trying to achieve is; when executing
>>
>> # sudo make install
>> Passw
At Fri, 23 Oct 2009 10:50:38 +0530 CentOS mailing list
wrote:
>
>
>
> Hi guys,
> Thanks
>
> What i am trying to achieve is; when executing
>
> # sudo make install
> Password:*
>
> this password entered is root password.
>
> it gives is error
>
> Sorry, try again.
Sudo asks for t
On Fri, 23 Oct 2009 11:18:56 +0530
vijay shanker wrote:
> if it expects my own password then why not i can execute these command
> without giving "sudo" as prefix.
Because sudo is the program that gives you the rights to execute certain
commands as root without actually being the root user. If y
Goood John,
But you please also clarify what does sudo means;
if it expects my own password then why not i can execute these command
without giving "sudo" as prefix.
If i am a genuine sudoer then can i edit files on which only root has
execution rights.
Regards,
Vijay Shanker Dubey
Ph: +91-9818
vijay shanker wrote:
> Hi guys,
>
> Thanks
>
> What i am trying to achieve is; when executing
>
> # sudo make install
> Password:*
>
> this password entered is root password.
sudo expeccts your USER password, not the root password. the whole
idea is the admin doesn't ened to give out t
Hi guys,
Thanks
What i am trying to achieve is; when executing
# sudo make install
Password:*
this password entered is root password.
it gives is error
Sorry, try again.
but when i do a su - and then gave the same root password. I am able to
switch account to user.
---
Am am try
At Thu, 22 Oct 2009 14:00:27 -0400 CentOS mailing list
wrote:
>
>
>
> Hello guys;
>
> I am not able to use sudo command on my just installed centos5.3
>
> But i know i am using right password to root.
>
> Is this is by default not enabled; if so, what to do.
You don't use root's password,
Benjamin Donnachie wrote:
> 2009/10/22 Jay :
>> sudo su -
>
> sudo -s is so much neater! :)
>
But it is yet another unnecessary special case to remember.
--
Les Mikesell
lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lis
2009/10/22 Jay :
> sudo su -
sudo -s is so much neater! :)
Ben
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
2009/10/22 vijay shanker :
> I am not able to use sudo command on my just installed centos5.3
What are you trying to achieve? Perhaps su is the command you need?
Ben
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/cen
use your user password for sudo not root's password.
sudo su -
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
vijay shanker wrote:
> Hello guys;
>
> I am not able to use sudo command on my just installed centos5.3
>
> But i know i am using right password to root.
>
> Is this is by default not enabled; if so, what to do.
>
You really need to configure /etc/sudoers, if you have not already.
-Alan
__
Hello guys;
I am not able to use sudo command on my just installed centos5.3
But i know i am using right password to root.
Is this is by default not enabled; if so, what to do.
Regards,
Vijay Shanker Dubey
Ph: +91-9818311884
___
CentOS mailing list
C
On Fri, Oct 10, 2008 at 12:49:49PM -0400, [EMAIL PROTECTED] wrote:
> Hi
>
> Biz_User needs to switch to Sales_User, and I tried following in sudoers:
> Biz_User ALL=(Sales_User) ALL
>
> but I get following error when I run sudo su - Sales_User
>
> "Sorry, user Biz_User is not allowed to execute
[EMAIL PROTECTED] a écrit :
> Hi
>
> Biz_User needs to switch to Sales_User, and I tried following in
> sudoers:
> Biz_User ALL=(Sales_User) ALL
>
> but I get following error when I run sudo su - Sales_User
>
> "Sorry, user Biz_User is not allowed to execute '/usr/bin/su -
> Sales_User'
> as root
Hi
Biz_User needs to switch to Sales_User, and I tried following in sudoers:
Biz_User ALL=(Sales_User) ALL
but I get following error when I run sudo su - Sales_User
"Sorry, user Biz_User is not allowed to execute '/usr/bin/su - Sales_User'
as root on Server_Name"
I know that if I add root in
Centos wrote:
> Hello
>
> unfortunately other users can change to my user name with sudo,
> how I can prevent it ? is there a command to prevent to change to only my
> user name ?
DO NOT HIJACK THREADS ON A MAILING LIST. Post a "fresh" mail to
centos@centos.org, don't just blindly reply to some m
Centos wrote:
Hello
unfortunately other users can change to my user name with sudo,
how I can prevent it ? is there a command to prevent to change to only
my user name ?
if you allow users open access to sudo, they can do anything that root
can, which is just about anything.
the alternativ
Hello
unfortunately other users can change to my user name with sudo,
how I can prevent it ? is there a command to prevent to change to only my
user name ?
Thanks
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/c
Sorry for my typo error - should have been:
Modify your ~./bash_profile and add /sbin to your PATH.
cheers!
On 7/22/07, Eduardo Dela Rosa <[EMAIL PROTECTED]> wrote:
Modify your ~/.bash_profile and /sbin to your path, i.e.,
PATH=/sbin:/usr/sbin:$PATH:$HOME/bin
On 7/22/07, centos <[EMAIL PR
Modify your ~/.bash_profile and /sbin to your path, i.e.,
PATH=/sbin:/usr/sbin:$PATH:$HOME/bin
On 7/22/07, centos <[EMAIL PROTECTED]> wrote:
Hello
Any time I am running sudo, I should have full path to the command,
for example sudo /sbin/ifconfig
Is there any way to set the path for sudo ?
Brad Oaks wrote:
And while you're at it, you might as well supply the full path to su.
indeed, many traditional Unix (such as Solaris) admins tend to type the
full path to most all admin commands, so you're sure you're running the
correct stuff.
but su - will change the user to root.
any other way ?
I don't want to change the user to root and work,
want to stay with the same user, but having my PATH apply while I am
using sudo
sudo man page says we can user -s to use SHELL environment, so I can
alias sudo to sudo -s
but still I should
And while you're at it, you might as well supply the full path to su.
Quite a while ago I was taught to give the full path to su. This
instruction was given with a warning that it's more secure in case a
malicious user was able to get a command named 'su' into your path
ahead of the binary you're
centos wrote:
> Hello
>
> Any time I am running sudo, I should have full path to the command,
> for example sudo /sbin/ifconfig
>
> Is there any way to set the path for sudo ?
use this command to get that (instead of just sudo):
sudo su -
signature.asc
Description: OpenPGP digital signature
Hello
Any time I am running sudo, I should have full path to the command,
for example sudo /sbin/ifconfig
Is there any way to set the path for sudo ?
Thanks
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
69 matches
Mail list logo
