Re: somewhat OT: sudo question





On 09/09/2010 05:32 PM, Ranjan Maitra wrote:
On Thu, 9 Sep 2010 14:18:43 -0500 kalinix
<calin.kalinix.cosma@xxxxxxxxx> wrote:

On Thu, 2010-09-09 at 14:12 -0500, Ranjan Maitra wrote:


On Thu, 9 Sep 2010 13:59:18 -0500 JD<jd1008@xxxxxxxxx<mailto:jd1008@xxxxxxxxx>> wrote:


On 09/09/2010 11:41 AM, Ranjan Maitra wrote:
Hi,

I would like to set up sudo permissions for myself (let us say) such
that I do not need password for /usr/sbin/pm-hibernate
or /usr/sbin/pm-suspend but need it for everything else. Anyone know
off-hand how this can be done by adding lines in the /etc/sudoers file?

Many thanks and best wishes,
Ranjan
Append a line like the following to /etc/sudoers

ranjan ALL=(ALL) NOPASSWD: ALL
Sorry, maybe I was not clear. I wanted to have the ability to use sudo
without password for the above two commands, but use sudo with password
(required) for everything else.

Will it be enough to type the two commands with a comma separator after
the NOPASSWD: (and instead of the ALL)? I guess I could try this, but
wanted to be sure.

Ranjan


--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx<mailto:users@xxxxxxxxxxxxxxxxxxxxxxx>
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines



In aliases section:


Cmnd_Alias HIBERNATE = /usr/sbin/pm-hibernate, /usr/sbin/pm-suspend


in the main part:

rajan ALL=(ALL) NOPASSWD: HIBERNATE


This should do the trick in the way that you will be able to run any command (ALL) and you will be asked for the password, except for commands that are defined under the HIBERNATE alias.
Hi, I have been unable to get this to work. If I do exactly as above,
or even forgo the alias and specifically write

maitra ALL=(ALL) NOPASSWD:/usr/sbin/pm-hibernate,/usr/sbin/pm-suspend

in the main part, nothing works under sudo. Specifically, even a simple
command as sudo yum update yields:

Sorry, user maitra is not allowed to execute '/usr/bin/yum update' as root on (name of machine).

What is wrong here?

Of course,
maitra ALL=(ALL) ALL

works just fine, but of course, asks me for my password for every sudo command.


Fact is that once you entered the password in sudo, it will be remembered for the rest of the session.
Really, in my case, there seems to be a time window of around 5 minutes
or so before it again asks for a password. I like this feature (which I
thought was default everywhere, but I guess not).

Thanks!
Ranjan

You have a typo.
The entry in sudoers should be:
maitra ALL=(ALL) NOPASSWD:
/usr/sbin/pm-hibernate,/usr/sbin/pm-suspend

Notice the space after the colon :


--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines



Relevant Pages

  • Re: [kde-linux] KDE 4 and monitor powering off.
    ... I changed it so that it would run as root since I have to ... I have sudo configured so my normal user has very limited access (some ... commands, with specific parameters. ... The admin user has full passwordless access to do everything root could ...
    (KDE)
  • Re: trouble compiling Midnight Commander
    ... to get the file manager Midnight Commander running on my Mac Pro. ... first tried the Fink version, but that was essentially useless, so now ... sudo commands. ... I issued 'sudo make install' as the last of the commands listed ...
    (comp.sys.mac.apps)
  • Fwd: How to track down which commands sudoers set up?
    ... sent to list proper this time. ... How to track down which commands sudoers set up? ... I believe that sudo can be configured to limit the extent to which the ...
    (Security-Basics)
  • Re: Dumb question of the week.
    ... me a blood-red prompt. ... I think that 'root' commands must work without surprises like aliases ... My su and sudo work as defined in the man pages, ... which asks for the root password and then, ...
    (alt.os.linux.suse)
  • [opensuse] sudo, and useradd
    ... I am trying to setup sudo rights on a specific user ... # create group LIMITEDTRUST with user test as a member ... the commands listed in cmnd alias PROGRAMS ... The views expressed in this e-mail are the views of the individual sender and should in no way be construed as the views of the Company. ...
    (SuSE)