Loading ...
Sorry, an error occurred while loading the content.

Re: [nslu2-linux] sudo password isn't the root's one!

Expand Messages
  • Bruce Kreutzer
    Cedric- Good comments from all who already replied. You didn t say what you were trying to allow your petuser to do. The way you set up sudo in the sudoers
    Message 1 of 4 , Oct 26, 2007
    • 0 Attachment
      Cedric-

      Good comments from all who already replied.

      You didn't say what you were trying to allow your 'petuser' to do.
      The way you set up sudo in the sudoers file, you have given ALL root commands to that user.
      You probably really want to allow only certain commands.
      You can use lines like this to give certain commands to a user (or group of commands to groups of users):
      Host_Alias             WEBSERVERS   = webhost1, webhost2
      User_Alias             WEBMASTER   = jsmith
      Cmnd_Alias           CSSUPDATE   = /usr/local/bin/update_test_css
      WEBMASTER       WEBSERVERS=(tomcat) CSSUPDATE

      This allows the WEBMASTER (user jsmith) to run the CSSUPDATE commands on the WEBSERVERS machines as the user tomcat.
      This is an example from a regular linux machine, not a slug, but it should work the same way.
      Names were changed to protect the innocent(!).

      Bruce


      This allows
      On 10/26/07, C├ędric Gampert <cedricg@...> wrote:

      Hello everyone,

      I'm using the unslung firmeware nslu2 replacement.

      I've installed the 'sudo' command and did a 'visudo' to add to
      '/opt/etc/sudoers' an user, so now I have this in 'sudoers' :
      # User privilege specification
      root ALL=(ALL) SETENV: ALL
      petuser ALL=(ALL) ALL

      The problem :
      Now, admit that 'root' has 'x' for password and 'petuser' has 'y'.
      When I'm logged under 'petuser' account I do someghing like 'sudo chmod
      755 /bin/foo' if submit the 'x' password (root's one) the system will
      respond after 3 attempts : 'sudo: 3 incorrect password attempts'.
      So, I've tryed to submit the 'y' password (the current logged user's one)
      and the 'sudo' command give me full 'root' access.

      While this work, I'm not feeling safe to have this behavior!

      Did someone else encountered this or/and know how to get a sudo password
      different from the current user?

      Greetings, cedric.


    Your message has been successfully submitted and would be delivered to recipients shortly.