search for: nopasswd

Hello everybody! How can i create with puppet following sudoers file: User_Alias CENTREON=apache,nagios CENTREON ALL = NOPASSWD: /etc/init.d/nagios* restart CENTREON ALL = NOPASSWD: /etc/init.d/nagios* reload CENTREON ALL = NOPASSWD: /usr/bin/nagios* -v * The problem that augeas create only last line, replacing previous one. -- You received this message because you are subscribed to the Google Groups "Puppet Use...

...nds to be run as root without a password, but it isn't working. Here is the part of the sudoers file that is in question. # User alias specification User_Alias FULLACCESS = doug, scott # members of the FULLACCESS User_Alias may run chown and chmod without a password FULLACCESS ALL = (root) NOPASSWD: /bin/chown, /bin/chmod # members of the FULLACCESS User_Alias may run anything but need a password FULLACCESS ALL=(root) ALL The part for requiring a password works, but not the NOPASSWD line. I have tried changing the order of these lines with no change in behavior. After each change to the...

...here in an earlier thread. define sudoer() { augeas { "sudo${name}": context => "/files/etc/sudoers", changes => [ "set spec[last() + 1]/user ${name}", "set spec[last()]/host_group/host ALL", "set spec[last()]/host_group/command NOPASSWD: ALL", "set spec[last()]/host_group/command/runas_user ALL", ], } In that example, the command line looked like this: "set spec[last()]/host_group/command ALL", I added NOPASSWD: and it barfs with this message: err: //user::unixadmins/User::Virtual::Sudoer[joe]/Au...

I added via visudo my userid for authorization of me ALL(ALL) NOPASSWD: ALL and I still cannot run yum as me. Is this just not possible?

...icated in the fileexcerpt below. The visudo editor issued no error messageswhen creating the line for sarah. ##??? user??? MACHINE=COMMANDS ## ## The COMMANDS section may have other options added to it. ## ## Allow root to run any commands anywhere root???? ALL=(ALL) ??? ALL sarah????ALL=(ALL)???? NOPASSWD: ALL On our CentOS 6 systems, the NOPASSWD option works as itis intended to work.? No password prompt is presented for commands such as "sudo cat /etc/sudoers".? On CentOS 7,the NOPASSWD option does not seem to work, and a promptfor sarah's password is always issued. Can someone help...

Hi, I need to run /bin/mount and /sbin/mount.cifs commands as nobody user (it has (bin/bash shell). So, I've edited /etc/sudoers and added: Cmnd_Alias CMD_MOUNT = /bin/mount Cmnd_Alias CMD_CIFS ) = /sbin/mount.cifs nobody ALL = NOPASSWD: CMD_MOUNT nobody ALL = NOPASSWD: CMD_CIFS But when I run the command as nobody (in the shell), I get the error: "mount error 1 = Operation not permitted" Any ideas ? Any help would be appreciated. Warm Regards, M?rio Gamito

...g to configure my sudo to enable user 'testuser' to run Asterisk. However whenever I try to run 'sudo asterisk' as 'testuser' I get prompted for password. This is the line in my sudoers configuration file that I thought should do the trick, but it doesn't: testuser ALL=NOPASSWD: /usr/sbin/asterisk Does anyone know how to configure the sudo so that 'testuser' will be able to run the asterisk? Thanks, Alex

...me directory. As for connecting to the console with 'asterisk -r' - this by default does not work as asterisk is owned stored in /usr/sbin/asterisk I am reading that the best way to solve this is to use 'visudo' - I added this:- asterisk ALL=/usr/sbin/asterisk -r NOPASSWD: ALL asterisk ALL=/usr/sbin/safe_asterisk NOPASSWD: ALL Keep getting 'command not found' when logging in as 'asterisk' and trying to connect to the console when I do a 'sudo -l' as user asterisk - I get this user asterisk may run the following commands on t...

...t, but it's saying that "sudo: sorry, you must have a tty to run sudo". I'm trying to enable the user "apache" to have the ability to run an executable from a web page. One of the common solutions is to do the following: Defaults:apache !requiretty apache ALL = NOPASSWD:/program.name also tried: Defaults !requiretty Defaults visiblepw Anyone have a suggestion? I've got to research the tty stuff for now to ensure there is one available, but beyond that, I'm stumped. Thanks for any help. steve campbell

I am unable to get the #includedir function to work with sudo. This works just fine on all my CentOS 5.6 servers, but on 6 it is being ignored. I have this line in the file /etc/sudoers.d/zabbix-puppet zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet However sudo still requires a password. If I put that same line into /etc/sudoers file , there is no password prompt. At the end of my sudoers file I have this line #includedir "/etc/sudoers.d" It seems that line is being ignored. The permissions on...

...t checks the syntax of .erb files, on commit, along with .pp files. While doing this, I ran across a small but niggling issue and wanted to see if I was just doing something wrong or if it was a bug. In my sudoers template file, I have a number of lines that start along the lines of: %sup ALL=NOPASSWD: ALL %mon ALL=NOPASSWD: ALL I''ve never had any problems with this template, but upon checking the file with: erb -x -T ''-'' sudoers.erb | ruby -c Which gives the error: -:28: syntax error, unexpected '':'', expecting $end ; sup ALL=NOPASSWD: AL...

Thanks for the responses. I think this is what I want to do. I commented out #Defaults requiretty in /etc/sudo. But what I really wanted to do was just place it in VPNUSERS: %vpnusers ALL=NOPASSWD: /sbin/service myciscovpn start, \ /sbin/service myciscovpn stop, \ /sbin/service myciscovpn status, \ /usr/bin/mycisco, /usr/local/bin/vpnclient visudo took it but it did not work. Actually if I could just put it in user tony that would be best...

Hello! I want to use "asterisk -rx "show version"" from a php script called in the browser using the local apache, which runs as user "apache". Asterisk is running as root. I added the following line to /etc/sudoers using visudo: apache ALL = NOPASSWD: /usr/sbin/asterisk When i am on the command line of my linux box it looks like this: -------------------------------------------------------- # sudo /usr/sbin/asterisk -rx "show version" Asterisk 1.0-RC2 built by root@zrlin01.laureen.at on a i686 running Linux # sudo -u apache /usr/s...

...socket. The idea being that a user only needs to remember one single hostname, one username and one password for all mail-related services. The problem is that Dovecot is operating in proxy mode, which means that the password_query returns NULL as the password and explicitly returns a field "nopasswd" containing "Y". Thus, users can not authenticate against the UNIX socket. What I think I want to do is convince Dovecot to use one passdb for the imap/pop3/managesieve services and different one for the "auth" service. The configuration snippet below doesn't work, bu...

...CONT??? 1 20180810-083730 auth: Debug: client in: CONT??? 1 AG1rbQBta20xMjM= (previous base64 data may contain sensitive data) 20180810-083730 auth: Debug: static(mkm,127.0.0.1,<xo1p2BRzZNd/AAAB>): lookup 20180810-083730 auth: Debug: client passdb out: OK??? 1 user=mkm??? host=localhost??? nopasswd=y 20180810-083730 auth: Debug: master in: REQUEST??? 4201906177 77432??? 1??? b8126b4b71be2959fc7716888eccc566 session_pid=77433??? request_auth_token 20180810-083730 auth-worker(77426): Debug: passwd(mkm,127.0.0.1,<xo1p2BRzZNd/AAAB>): lookup 20180810-083730 auth: Debug: master userdb out:...

hello list, I've been asked to give someone sudo rights across an entire environment without the benefit of something like puppet or chef or cfengine et al. What I've come up with so far is this: ssh -t miaprbicsra04v sudo -S /bin/echo "rsherman ALL=\(ALL\) NOPASSWD: /sbin/service /bin/rm /usr/bin/du /bin/df" >> sudo tee /etc/sudoers Right now that's just to one host, but I plan on substituting a list of hosts once I get farther along. Problem is, the output hangs on the tee command. Not sure why. Any suggestions? Thanks, Tim -- GPG me!! gp...

> > What does the sudo log say? This is all the secure logs say about the ssh session: [root at logs:~] #tail -f /var/log/secure Oct 31 19:15:20 logs sshd[24407]: Accepted publickey for bluethundr from 47.18.111.100 port 47469 ssh2: RSA ae:62:1f:de:54:89:af:2c:10:16:0e:fd:8d:7e:81:06 Oct 31 19:15:21 logs sshd[24407]: pam_unix(sshd:session): session opened for user bluethundr by (uid=0)

...bQBta20xMjM= > >> (previous base64 data may contain sensitive data) > >> 20180810-083730 auth: Debug: static(mkm,127.0.0.1,<xo1p2BRzZNd/AAAB>): > >> lookup > >> 20180810-083730 auth: Debug: client passdb out: OK??? 1 user=mkm > >> host=localhost??? nopasswd=y > >> 20180810-083730 auth: Debug: master in: REQUEST 4201906177 77432 > >> 1??? b8126b4b71be2959fc7716888eccc566 session_pid=77433 > >> request_auth_token > >> 20180810-083730 auth-worker(77426): Debug: > >> passwd(mkm,127.0.0.1,<xo1p2BRzZNd/AAAB&gt...

Hey guys, I need to give the 'nobody' user (which is what our apache runs as) no password access to a file, via sudo. This is what I've tried: nobody ALL=(ALL) NOPASSWD: /var/www/qa/launchpadnew/site/ftp_check.php But if I become the nobody user and try to access the file, it tries to prompt me for a password: -bash-3.2$ php /var/www/qa/launchpadnew/site/ftp_check.php [sudo] password for nobody: Can someone please point out for me where I'm going wrong? Cuz...

...; >> (previous base64 data may contain sensitive data) >> >> 20180810-083730 auth: Debug: static(mkm,127.0.0.1,<xo1p2BRzZNd/AAAB>): >> >> lookup >> >> 20180810-083730 auth: Debug: client passdb out: OK??? 1 user=mkm >> >> host=localhost??? nopasswd=y >> >> 20180810-083730 auth: Debug: master in: REQUEST 4201906177 77432 >> >> 1??? b8126b4b71be2959fc7716888eccc566 session_pid=77433 >> >> request_auth_token >> >> 20180810-083730 auth-worker(77426): Debug: >> >> passwd(mkm,127.0.0.1,&lt...