[CentOS] using NOPASSWD in sudoers
Ski Dawg
centos at skidawg.org
Sat Sep 20 14:28:25 UTC 2008
On Fri, Sep 19, 2008 at 9:40 AM, ankush grover <ankushcentos at gmail.com> wrote:
> On Thu, Sep 18, 2008 at 11:19 PM, Ski Dawg <centos at skidawg.org> wrote:
>> Hello Everyone,
>>
>> # User alias specification
>> User_Alias FULLACCESS = doug, scott
>>
>> # members of the FULLACCESS User_Alias may run chown and chmod without
>> a password
>> FULLACCESS ALL = (root) NOPASSWD: /bin/chown, /bin/chmod
>>
>> # members of the FULLACCESS User_Alias may run anything but need a password
>> FULLACCESS ALL=(root) ALL
>
> Can you remove (root) and then try for NOPASSWD
Thanks for the reply. I finally figured it out later.
What I eneded up having to do is place the NOPASSWD line AFTER the
password required line, like:
# members of the FULLACCESS User_Alias may run anything but need a password
FULLACCESS ALL=(ALL) ALL
# members of the FULLACCESS User_Alias may run chown and chmod without
a password
FULLACCESS ALL = NOPASSWD: /bin/chown, /bin/chmod
I found something somewhere, don't remember where though, that stated
that sudoers worked down the entire file, and the following line would
overwrite the access, thus requiring a password when the line were
switched.
Another thing that got me for a little bit, when using visudo to edit
the sudoers file, it is actually just editing a tmp file, so to
completely write your changes to /etc/sudoers, you have to actually
quit visudo, just like when editing cron.
Thanks again for your reply.
--
Doug
Registered Linux User #285548 (http://counter.li.org)
----------------------------------------
Never trust a computer you can't throw out a window.
-- Steve Wozniak
More information about the CentOS
mailing list