Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
whats wrong with my sudo file?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
vash331
n00b
n00b


Joined: 28 Dec 2005
Posts: 13

PostPosted: Mon Jan 02, 2006 8:07 pm    Post subject: whats wrong with my sudo file? Reply with quote

I have gone over like 10 tutorials on using sudo, and I compare my sudo file to the examples, and it doesnt seem like I have donr anything too obviously wrong.
Here is the error:
Code:
>>> sudoers file: syntax error, line 45 <<<
>>> sudoers file: syntax error, line 46 <<<
>>> sudoers file: syntax error, line 47 <<<
>>> sudoers file: syntax error, line 48 <<<
>>> sudoers file: syntax error, line 49 <<<
>>> sudoers file: syntax error, line 50 <<<
>>> sudoers file: syntax error, line 50 <<<
What now? Q


And here is my sudo file:
Code:
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification

# Cmnd alias specification

# Defaults specification

# Reset environment by default
Defaults        env_reset

# Uncomment to allow users in group wheel to export variables
Defaults:%wheel !env_reset

# Allow users in group users to export specific variables
# Defaults:%users       env_keep=TZ

# Allow specific user to bypass env_delete for TERMCAP
# Defaults:user     env_delete-=TERMCAP

# Set default EDITOR to vi, and do not allow visudo to use EDITOR/VISUAL.
# Defaults      editor=/usr/bin/vim, !env_editor

# Runas alias specification

# *** REMEMBER ***************************************************
# * GIVING SUDO ACCESS TO USERS ALLOWS THEM TO RUN THE SPECIFIED *
# * COMMANDS WITH ELEVATED PRIVILEGES.                           *
# *                                                              *
# * NEVER PERMIT UNTRUSTED USERS TO ACCESS SUDO.                 *
# ****************************************************************

# User privilege specification
root    ALL=(ALL) ALL

# Uncomment to allow people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL
%wheel          ALL=/usr/sbin/wifi-radar NOPASSWD: ALL
%wheel          ALL=/sbin/iwconfig NOPASSWD: ALL
%wheel          ALL=/sbin/iwlist NOPASSWD: ALL
%wheel          ALL=/sbin/ifconfig NOPASSWD: ALL
%wheel          ALL=/sbin/shutdown NOPASSWD: ALL
%wheel          ALL=/sbin/reboot NOPASSWD: ALL

# Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

# Users in group www are allowed to  edit httpd.conf and ftpd.conf
# using sudoedit, or sudo -e, without a password.
# %www          ALL=(ALL)       NOPASSWD: sudoedit /etc/httpd.conf, /etc/ftpd.conf

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now


Anwyway, any help would be appreciated.
Back to top
View user's profile Send private message
Maedhros
Bodhisattva
Bodhisattva


Joined: 14 Apr 2004
Posts: 5511
Location: Durham, UK

PostPosted: Mon Jan 02, 2006 8:50 pm    Post subject: Re: whats wrong with my sudo file? Reply with quote

Moved from Other Things Gentoo to Networking & Security.

vash331 wrote:
Code:
%wheel          ALL=/usr/sbin/wifi-radar NOPASSWD: ALL
%wheel          ALL=/sbin/iwconfig NOPASSWD: ALL
%wheel          ALL=/sbin/iwlist NOPASSWD: ALL
%wheel          ALL=/sbin/ifconfig NOPASSWD: ALL
%wheel          ALL=/sbin/shutdown NOPASSWD: ALL
%wheel          ALL=/sbin/reboot NOPASSWD: ALL

This looks wrong - conceptually what you're doing in these lines is allowing anyone in the wheel group to use the specified command with a password, and everything else without one. I think visudo is complaining because if you want to specify commands that require passwords as well as those that don't require a password, you'd need to put the PASSWD: tag before the list of commands requiring a password.

This is how I would write what I think you're trying to do:
Code:
%wheel          ALL = NOPASSWD: /usr/sbin/wifi-radar, /sbin/iwconfig, /usr/sbin/iwlist, /sbin/ifconfig, /sbin/shutdown, /sbin/reboot

(You could also use some Cmnd_Aliases to neaten up the list of commands.)
_________________
No-one's more important than the earthworm.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum