View previous topic :: View next topic |
Author |
Message |
vash331 n00b
Joined: 28 Dec 2005 Posts: 13
|
Posted: Mon Jan 02, 2006 8:07 pm Post subject: whats wrong with my sudo file? |
|
|
I have gone over like 10 tutorials on using sudo, and I compare my sudo file to the examples, and it doesnt seem like I have donr anything too obviously wrong.
Here is the error:
Code: | >>> sudoers file: syntax error, line 45 <<<
>>> sudoers file: syntax error, line 46 <<<
>>> sudoers file: syntax error, line 47 <<<
>>> sudoers file: syntax error, line 48 <<<
>>> sudoers file: syntax error, line 49 <<<
>>> sudoers file: syntax error, line 50 <<<
>>> sudoers file: syntax error, line 50 <<<
What now? Q |
And here is my sudo file:
Code: | # sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#
# Host alias specification
# User alias specification
# Cmnd alias specification
# Defaults specification
# Reset environment by default
Defaults env_reset
# Uncomment to allow users in group wheel to export variables
Defaults:%wheel !env_reset
# Allow users in group users to export specific variables
# Defaults:%users env_keep=TZ
# Allow specific user to bypass env_delete for TERMCAP
# Defaults:user env_delete-=TERMCAP
# Set default EDITOR to vi, and do not allow visudo to use EDITOR/VISUAL.
# Defaults editor=/usr/bin/vim, !env_editor
# Runas alias specification
# *** REMEMBER ***************************************************
# * GIVING SUDO ACCESS TO USERS ALLOWS THEM TO RUN THE SPECIFIED *
# * COMMANDS WITH ELEVATED PRIVILEGES. *
# * *
# * NEVER PERMIT UNTRUSTED USERS TO ACCESS SUDO. *
# ****************************************************************
# User privilege specification
root ALL=(ALL) ALL
# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL) ALL
%wheel ALL=/usr/sbin/wifi-radar NOPASSWD: ALL
%wheel ALL=/sbin/iwconfig NOPASSWD: ALL
%wheel ALL=/sbin/iwlist NOPASSWD: ALL
%wheel ALL=/sbin/ifconfig NOPASSWD: ALL
%wheel ALL=/sbin/shutdown NOPASSWD: ALL
%wheel ALL=/sbin/reboot NOPASSWD: ALL
# Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
# Users in group www are allowed to edit httpd.conf and ftpd.conf
# using sudoedit, or sudo -e, without a password.
# %www ALL=(ALL) NOPASSWD: sudoedit /etc/httpd.conf, /etc/ftpd.conf
# Samples
# %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users localhost=/sbin/shutdown -h now |
Anwyway, any help would be appreciated. |
|
Back to top |
|
|
Maedhros Bodhisattva
Joined: 14 Apr 2004 Posts: 5511 Location: Durham, UK
|
Posted: Mon Jan 02, 2006 8:50 pm Post subject: Re: whats wrong with my sudo file? |
|
|
Moved from Other Things Gentoo to Networking & Security.
vash331 wrote: | Code: | %wheel ALL=/usr/sbin/wifi-radar NOPASSWD: ALL
%wheel ALL=/sbin/iwconfig NOPASSWD: ALL
%wheel ALL=/sbin/iwlist NOPASSWD: ALL
%wheel ALL=/sbin/ifconfig NOPASSWD: ALL
%wheel ALL=/sbin/shutdown NOPASSWD: ALL
%wheel ALL=/sbin/reboot NOPASSWD: ALL |
|
This looks wrong - conceptually what you're doing in these lines is allowing anyone in the wheel group to use the specified command with a password, and everything else without one. I think visudo is complaining because if you want to specify commands that require passwords as well as those that don't require a password, you'd need to put the PASSWD: tag before the list of commands requiring a password.
This is how I would write what I think you're trying to do:
Code: | %wheel ALL = NOPASSWD: /usr/sbin/wifi-radar, /sbin/iwconfig, /usr/sbin/iwlist, /sbin/ifconfig, /sbin/shutdown, /sbin/reboot |
(You could also use some Cmnd_Aliases to neaten up the list of commands.) _________________ No-one's more important than the earthworm. |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|