[CentOS] CentOS Digest, Vol 57, Issue 14
m.roth at 5-cent.us
m.roth at 5-cent.us
Thu Oct 15 13:41:16 UTC 2009
> Thanks for the responses. I think this is what I want to do. I commented
> out
>
> #Defaults requiretty
>
> in /etc/sudo. But what I really wanted to do was just place it in
> VPNUSERS:
>
> %vpnusers ALL=NOPASSWD: /sbin/service myciscovpn start, \
> /sbin/service myciscovpn stop, \
> /sbin/service myciscovpn status, \
> /usr/bin/mycisco, /usr/local/bin/vpnclient
>
> visudo took it but it did not work. Actually if I could just put it in
> user tony that would be best:
>
> tony ALL=(ALL) NOPASSWD: ALL !requiretty
>
> But that gives a syntax error. What is the correct way to specify it?
For one, I *hope* that you used visudo, and not just vi.
Second, leave the Defaults: requiretty in, put tony as the very last thing
in the file, and put Defaults: !requiretty just above it.
mark
>
> -----Original Message-----
>> Well, I noticed that ssh/scp probably requires tty and when called
>> from a script, its not from a tty.
>>
>> At least in my case which was drupal calling a script that lauched
>> ssh, a non tty source.
>>
>> I also required running privileged commands.
>>
>> Mebbe you don't need all this so check your logs and see what happens.
>>
> My last job, I was setting up rsync backups. What I did was create a user,
> backup, then in /etc/sudoers, have !requiretty *only* for that user. The
> user was also limited in what commands it could run (in that case, rsync
> only).
>
> Don't forget to log in as that user first, so that you don't get the "Oh,
> This is a new IP, are you Sure you want to continue connecting?!?!"
>
> mark
>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
More information about the CentOS
mailing list