similar to: FW: Adding OpenBSD sudo to the FreeBSD base system?

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 I have grabbed some quotes from various discussions on this topic these are other peoples opinions! ">Regarding su vs. direct login, you should use su, it doesn't give > you much, but it does give you knowledge of who logged in as root > and when (provided that he did not edit the logs :-) Yes, it gives you a huge advantage,

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Sudo requires extra configuration that su does not. Why should I have to waste my time configuring another app just because a handful of people want it? I like su and how it works and I guarantee I am not the only one. You want it replaced replace it your self cd /usr/ports/security/sudo && make install clean That simple! Don't waste

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 "All you need to do is uncomment that and viola, you have default su behavior -- anyone in the wheel group allowed to sudo as any other user." Exactly! Every other user can sudo. I run many shell servers I do not want every user being able to sudo. With su, first they have to break into an account that is part of the wheel group. Then

Aloha! (I've Googled around a bit, but failed to find much previous posts about this though I'm sure it has been discussed...) Have anybody (in core etc) considered adding a sudo implementation to thr FreeBSD base system. At least for me, sudo is an important part of implementing good security policy in FreeBSD. Yes, it is available as a port, but in a similar fashion of for example,

To the openssh and sudo developer mailing lists: Ssh has a key agent allowing authentication to remote hosts without entering your password/passphrase again and again, which is very convenient. I think the 'su', 'sudo', and similiar commands could benefit from this idea and mechanism. I don't have the necessary expertise in cryptology to do this myself so I just want to throw

Hello Any time I am running sudo, I should have full path to the command, for example sudo /sbin/ifconfig Is there any way to set the path for sudo ? Thanks

Hi Biz_User needs to switch to Sales_User, and I tried following in sudoers: Biz_User ALL=(Sales_User) ALL but I get following error when I run sudo su - Sales_User "Sorry, user Biz_User is not allowed to execute '/usr/bin/su - Sales_User' as root on Server_Name" I know that if I add root in allowed users list, I can switch to other user , but in that way user can switch to

Package: logcheck Version: 1.2.35 Severity: minor Current manual reads: EXAMPLES logcheck can be invoked directly thanks to su(8) or sudo(8), which change the user ID: logcheck -o -t Check the logfiles without updating the offset. Print everything to STDOUT I believe this shuold be formatted as: EXAMPLES logcheck can be invoked directly thanks

Hello guys; I am not able to use sudo command on my just installed centos5.3 But i know i am using right password to root. Is this is by default not enabled; if so, what to do. Regards, Vijay Shanker Dubey Ph: +91-9818311884 -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hi, this was originally reported on ports@. [1] Someone noticed that after after running sudo their session disappeared when running `w` afterwards. I've done a little experimenting and this is caused when pam_lastlog.so is included in sudo's pam file. This results in the user still being logged in though according to the system logs the user has logged out. Here's an example:

I need to remove empty files out of a directory that are over 6 hours old so I created this script and put it in cron.hourly. #!/bin/sh cd /var/list sudo -u matt find /var/list -mmin +360 -empty -user matt -exec rm {} \; I want to run it as matt rather than root for just an added bit of safety. Problem is I get this. "sudo: sorry, you must have a tty to run sudo" Is there another

Centos 5 Hello I successfully converted my mta from sendmail to postfix. no problem. mail is ok. A by-product of that, as bizarre as it may seem is this: As regular user, when I do 'su -' to become root, all is well. As regular user, when I do 'sudo bash' I become root alright but I also get: sendmail: fatal: Recipient addresses must be specified on the command line or

I have an rsync script that has worked well for me for quite a while now rsyncing RAID volumes attached to two servers, one on our LAN and one at our colocation facility. I have been struggling for months, however, to get the script to run without password prompts so I can run it on cron. The rsync script is running on the system at the colo and ?pulling? files from the LAN system

> On Aug 16, 2019, at 6:21 AM, Warren Young <warren at etr-usa.com> wrote: > > On Aug 15, 2019, at 11:04 PM, Bagas Sanjaya <bagasdotme at gmail.com> wrote: >> >> Based on above cases, is it OK to give group of random users full administrator privileges using sudo, by adding them to sudoers with ALL privileges? Should sudoers call customer service number instead

Completely off topic, but I'm sure someone out there is using scripts that require a sudo password of some sort, so I'll ask. What are people doing to automate tasks that required sudo passwords in order to run? sudo without a password is not an option for me, but I would like to be able to enter the password once have it saved and then read back when sudo is required. something

I tried to submit this in R, but not sure if it worked. When running R as sudo, using ctrl-c dumps me to the command line. Hitting exit to exit the terminal window results in R taking 100% of resources. I am using R-2.1.0 on Fedora Core 3. Thanks. Manuel

This is annoying. I ssh to a server, then, it doesn't matter if I su - or sudo -s, I start a service (motion, if it matters), and when the service sends an email, it's from me, not from root, or the user the service runs as. I've dumped my environment, I've just dumped service's environment. I've set SUDO_USER to root, and SUDO_UID to 0, and restarted the service, and

Hi I have upgraded from samba 3.6.19 to samba 4.0.13 on Debian Wheezy 64-bit with Samba 4.0.13 from wheezy-backports. I use winbind to authenticate against a two-server AD domain on Server 2012 functional level and forced LDAPS. After upgrading from 3.6.19 to 4.0.13 everything still works for me as usual. That is samba shares authentication, all things relying on the keytab, SSO logins with SSH

Hi All. I am trying to install some software. Part of its installation is an invocation of command similar to: # sudo -H -E -u postgres /bin/bash -c /usr/bin/python2.7 /bin/bash: /usr/bin/python2.7: Permission denied >From my perspective: # ls -l /bin/bash /usr/bin/python2.7 -rwxr-xr-x. 1 root root 960376 Jul 8 2015 /bin/bash -rwxr-xr-x. 1 root root 7136 Oct 11 2015 /usr/bin/python2.7

we have CENTOS 5.2 on DELL server. we need allow a user can "su" to another user without password. for example: account user1 can "su - user2" without password. (user2 is NOT root) I know this is big security risk but .... Anyone know how to do it? Thanks.