similar to: circumvent the proxy user

Hello Everyone, I am trying to change our /etc/sudoers (using visudo) to allow 2 commands to be run as root without a password, but it isn't working. Here is the part of the sudoers file that is in question. # User alias specification User_Alias FULLACCESS = doug, scott # members of the FULLACCESS User_Alias may run chown and chmod without a password FULLACCESS ALL = (root) NOPASSWD:

My experience with RHEL and CentOS is quite limited, andwould classify me as novice.? I have been running CentOS 6for a little over a year and recently brought up a CentOS 7system as a virtual machine under Windows 7. One of the first things I usually do after installation isedit the /etc/sudoers file using visudo to give a specificuser or specific users privileges as indicated in the fileexcerpt

Hey Gordon, Sorry, man my bad! Disabling the tty requirement for my sudo user does indeed work. I had a type-o in the sudoers file, and when I corrected it, my sudo command via pssh started working! #pssh -i -h es_list "/bin/sudo /bin/systemctl restart elasticsearch; sleep 10" [1] 20:31:32 [SUCCESS] bluethundr at es3.jokefire.com Stderr: sudo: sorry, you must have a tty to run sudo

I am unable to get the #includedir function to work with sudo. This works just fine on all my CentOS 5.6 servers, but on 6 it is being ignored. I have this line in the file /etc/sudoers.d/zabbix-puppet zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet However sudo still requires a password. If I put that same line into /etc/sudoers file , there is no password prompt. At the end of my

Hi, I need to run /bin/mount and /sbin/mount.cifs commands as nobody user (it has (bin/bash shell). So, I've edited /etc/sudoers and added: Cmnd_Alias CMD_MOUNT = /bin/mount Cmnd_Alias CMD_CIFS ) = /sbin/mount.cifs nobody ALL = NOPASSWD: CMD_MOUNT nobody ALL = NOPASSWD: CMD_CIFS But when I run the command as nobody (in the shell), I get the error: "mount

Hiya, I''ve recently updated my svn server so that it checks the syntax of .erb files, on commit, along with .pp files. While doing this, I ran across a small but niggling issue and wanted to see if I was just doing something wrong or if it was a bug. In my sudoers template file, I have a number of lines that start along the lines of: %sup ALL=NOPASSWD: ALL %mon ALL=NOPASSWD: ALL

The following function is based on code I found here in an earlier thread. define sudoer() { augeas { "sudo${name}": context => "/files/etc/sudoers", changes => [ "set spec[last() + 1]/user ${name}", "set spec[last()]/host_group/host ALL", "set spec[last()]/host_group/command NOPASSWD: ALL", "set

On 10/31/2015 04:16 PM, Tim Dunphy wrote: > Got the same exact message! > > Anything else I can try? I think you need to double-check your sudoers file. Use the '-i' argument to pssh to get more information. # cat /etc/sudoers.d/gordon gordon ALL=(ALL) NOPASSWD: ALL $ pssh -h t -i sudo echo true [1] 16:02:12 [FAILURE] MYHOST Exited with error code 1 Stderr: sudo: sorry,

I took your suggestion and turned my (ill advised) sudoers bash script into an expect script! It works a lot better this way and is more secure. Because I'm not trying to store a password in a script (which I recognize as a bad idea anyway, I I think I've learned my lesson here). It really works well. But the only thing I'm still trying to figure out is how to put a if statement in

Hello everybody! How can i create with puppet following sudoers file: User_Alias CENTREON=apache,nagios CENTREON ALL = NOPASSWD: /etc/init.d/nagios* restart CENTREON ALL = NOPASSWD: /etc/init.d/nagios* reload CENTREON ALL = NOPASSWD: /usr/bin/nagios* -v * The problem that augeas create only last line, replacing previous one. -- You received this message because you are subscribed to

Hello list, I took another stab at finding a way to add a sudo user remotely and it gets you most of the way there. If you execute the script as root it works beautifully and does just what you want. Which is add the user to the group and gives that user group rights to certain commands. But if you execute it as a user who only has sudo access to the /etc/sudoers file it errors out. cloud:~]

I've got a Cento 6.2 server I'm putting together that will become a mailserver. It will have on it MailScanner and MailWatch for MailScanner. I'm using the latest stuff available and have run into a problem with changes I need to make in the /etc/sudoers file. It doesn't seem to take affect after I make the changes, so either the syntax within the file has changed or the way

Thanks for the responses. I think this is what I want to do. I commented out #Defaults requiretty in /etc/sudo. But what I really wanted to do was just place it in VPNUSERS: %vpnusers ALL=NOPASSWD: /sbin/service myciscovpn start, \ /sbin/service myciscovpn stop, \ /sbin/service myciscovpn status, \ /usr/bin/mycisco,

hello list, I've been asked to give someone sudo rights across an entire environment without the benefit of something like puppet or chef or cfengine et al. What I've come up with so far is this: ssh -t miaprbicsra04v sudo -S /bin/echo "rsherman ALL=\(ALL\) NOPASSWD: /sbin/service /bin/rm /usr/bin/du /bin/df" >> sudo tee /etc/sudoers Right now that's just to one

I did not understand the man pages for sudo and incorrectly interpreted the results. I interpreted the ALL to apply to all commands defined in the sudoers file. Basically, I'm an idiot, but here is the chain I followed, and the correct interpretation. In the man pages on sudo, it says the following: A User_List is made up of one or more usernames, uids (prefixed with

Hi guys, I'm using RedHat and am trying to configure my sudo to enable user 'testuser' to run Asterisk. However whenever I try to run 'sudo asterisk' as 'testuser' I get prompted for password. This is the line in my sudoers configuration file that I thought should do the trick, but it doesn't: testuser ALL=NOPASSWD: /usr/sbin/asterisk Does anyone know how to

I'm just starting to convert to using samba 3 --. Untill now, my use of samba has been pretty simple. I've not used it as a DC and I've use passthrough auth.. I know some say its ugly (and it can be) but its made my life easier most of the time. Now I'm reading through the samba docs, howto's, etc and I am still very uncomfortable mapping the windows Administrator account to

That seems to have worked on my own test account - I applied it to the user having the issue and asked for his feedback when he gets a chance. Thanks! On Fri, Feb 2, 2018 at 11:40 AM, Darr247 <darr247 at gmail.com> wrote: > Did you try adding > > UserName ALL= NOPASSWD: /sbin/reboot > > As the last line of their /etc/sudoers files? > (replacing UserName with their actual

Hi, I have install rsync version 3.0.8 on my FreeBSD server. I've set it up so that I have to connect via ssh with key based authentication. The following is my rsyncd.conf file in my home directory on the server. [ben-desktop] use chroot = no path = /home/bs/backups/ben-desktop/current numeric ids = true log file = /home/bs/backups/ben-desktop/rsync.log list = true read only = false write

Hi, I'm trying to get Dovecot's deliver to create and use mailboxen with one uid per user. Reading the wiki, I decided to go with the sudo attempt, but I'm stuck because deliver fails to create the intermediate directories. The auth.log has this on the matter: sudo: dovelda : TTY=unknown ; PWD=/var/spool/postfix ; USER=root ; COMMAND=/usr/lib/dovecot/deliver -f toni at