Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

[SOLVED] sudo NOPASSWD propts for password
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Other Things Gentoo
View previous topic :: View next topic  
Author Message
sbdmmg
n00b
n00b


Joined: 01 Jul 2010
Posts: 34
Location: NJ, USA
PostPosted: Sun Jul 08, 2012 11:34 pm    Post subject: [SOLVED] sudo NOPASSWD propts for password Reply with quote
Hello,

I have one line in my sudoers file that reads
Code:

gerbaudo ALL = NOPASSWD: /usr/sbin/pm-suspend , /sbin/ifconfig , /sbin/iwconfig , /sbin/dhcpcd , PASSWD:ALL

and the sudoers file seems to be fine:

Code:

# visudo -c
/etc/sudoers: parsed OK

Code:

gerbaudo $ sudo -l
User gerbaudo may run the following commands on this host:
    (root) NOPASSWD: /usr/sbin/pm-suspend, (root) /sbin/ifconfig, (root) /sbin/iwconfig, (root) /sbin/dhcpcd, (root) PASSWD: ALL
    (ALL) ALL


However, when I try to run one of these commands I get the prompt for my password.

Code:

$ sudo /usr/sbin/pm-suspend
Password:


Any idea about what I could be doing wrong? I looked for some 'verbose' option, but I cannot find any useful debug info.

Many thanks,

davide

Code:

$ sudo -V 
Sudo version 1.8.5p2
Sudoers policy plugin version 1.8.5p2
Sudoers file grammar version 41
Sudoers I/O plugin version 1.8.5p2


Code:

# emerge --info
Portage 2.1.10.65 (default/linux/x86/10.0, gcc-4.5.3, glibc-2.14.1-r3, 3.2.21-gentoo i686)
=================================================================
System uname: Linux-3.2.21-gentoo-i686-Intel-R-_Core-TM-_i5-2520M_CPU_@_2.50GHz-with-gentoo-2.1
Timestamp of tree: Sat, 07 Jul 2012 15:15:01 +0000
app-shells/bash:          4.2_p20
dev-java/java-config:     2.1.11-r3
dev-lang/python:          2.7.3-r2, 3.2.3
dev-util/cmake:           2.8.7-r5
dev-util/pkgconfig:       0.26
sys-apps/baselayout:      2.1-r1
sys-apps/openrc:          0.9.8.4
sys-apps/sandbox:         2.5
sys-devel/autoconf:       2.13, 2.68
sys-devel/automake:       1.9.6-r3, 1.11.1
sys-devel/binutils:       2.21.1-r1
sys-devel/gcc:            4.5.3-r2
sys-devel/gcc-config:     1.6
sys-devel/libtool:        2.4-r1
sys-devel/make:           3.82-r1
sys-kernel/linux-headers: 3.1 (virtual/os-headers)
sys-libs/glibc:           2.14.1-r3
Repositories: gentoo zugaina dev-zero science x-portage
ACCEPT_KEYWORDS="x86"


Last edited by sbdmmg on Mon Jul 09, 2012 10:12 pm; edited 1 time in total
Back to top
View user's profile Send private message
kurly
Apprentice
Apprentice


Joined: 02 Apr 2012
Posts: 260
PostPosted: Mon Jul 09, 2012 12:55 am    Post subject: Reply with quote
From the man page for sudoers:

Quote:
When multiple entries match for a user, they are applied in order. Where there are multiple matches, the last
match is used (which is not necessarily the most specific match).


So try moving the more specific rules to the end. Please report back and let us know if this works.
Back to top
View user's profile Send private message
sbdmmg
n00b
n00b


Joined: 01 Jul 2010
Posts: 34
Location: NJ, USA
PostPosted: Mon Jul 09, 2012 8:12 am    Post subject: Reply with quote
Hello,

Thanks a lot for your message. Indeed, I had one
Code:
%wheel
rule following the user-specific one.
However, even after moving the user-specific rule at the end of the sudoers file, the prompt for password still comes up.

Code:

gerbaudo $ sudo -l
User gerbaudo may run the following commands on this host:
    (ALL) ALL
    (root) NOPASSWD: /usr/sbin/pm-suspend, (root) /sbin/ifconfig, (root) /sbin/iwconfig, (root) /sbin/dhcpcd, (root) PASSWD: ALL
gerbaudo $ sudo /sbin/ifconfig
Password:


My current sudoers file is here http://pastebin.com/RHQpseSd
Thanks for any suggestion you might have.

Cheers,

davide
Back to top
View user's profile Send private message
kurly
Apprentice
Apprentice


Joined: 02 Apr 2012
Posts: 260
PostPosted: Mon Jul 09, 2012 2:26 pm    Post subject: Reply with quote
The (root) PASSWD: ALL at the end of the line is still superseding everything that comes before it.
Back to top
View user's profile Send private message
sbdmmg
n00b
n00b


Joined: 01 Jul 2010
Posts: 34
Location: NJ, USA
PostPosted: Mon Jul 09, 2012 10:11 pm    Post subject: Reply with quote
Thank you, Kurly!
I wanted to have a few commands without password, and everything else with password.
I misread the sudoers man page, and just appended the 'PASSWD:ALL' bit at the end of the line.
Now working with the line below:
Code:

gerbaudo ALL = PASSWD:ALL, NOPASSWD: /usr/sbin/pm-suspend , /sbin/ifconfig , /sbin/iwconfig , /sbin/dhcpcd


Many thanks,

davide
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Other Things Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy