[NTLUG:Discuss] Sudo

Bobby Sanders ssanders at vzinet.com
Mon Feb 18 19:08:04 CST 2002 

--On 18 Feb 2002 11:31:40 -0600, MadHat <madhat at unspecific.com> said:

   M:BS> On Mon, 2002-02-18 at 11:20, Bobby Sanders wrote: RH 6.2 KDE.
   M:BS> I have configured sudo to allow me to run kppp when I am
   M:BS> logged in under my regluar user name.  However, I can only
   M:BS> run kppp if I first open a terminal and do su -.  As long as
   M:BS> I follow this procedure, kppp works from the command line and
   M:BS> the icon.  Otherwise it won't.

   M:BS> Why is this?

Thanks for the response, MH.

  M> I am not completely following,

Sorry about not being more precise.

  M> but sudo is run as "sudo
  M> programname" then it will prompt for a password, unless you use
  M> the NOPASSWD, then it just runs.  as root, do a visudo to edit
  M> the /etc/sudoers file. Make sure you have a line that looks
  M> something like
 
  M> <username> NOPASSWD: /usr/bin/kppp

The relevant portion of my /etc/sudoers is:

User_Alias      PPP = u1, u2, u3

PPP     ALL = NOPASSWD: /usr/bin/kppp

This seems to comply with the examples in the man page.

It seems to me that this says that all of three of the members of PPP
can run /usr/bin/kppp, without a password, from any host.  Am I
missing something here?

  M> and it should work (assuming you don't want it prompting you for
  M> a passwd).

I don't.

  M> Now depending on how your X is configured, there may be an issue
  M> with xauth or xhost allowing root to run a x window on your x
  M> session (as in the user's X session).

Although I am very weak on X configuration, as with most things, it
appears that mine is configured so that anyone can do a su - in a
terminal window, if they know root's password.

  M> One way to see where the problem is, is to tell kppp to run in a
  M> terminal (one of the options on the properties of the Icon) and
  M> it should echo any errors where you can see them.

I've tried this.  If I first open a terminal window and do an su -,
responding to the password prompt, of course, then open another xterm
and do kppp, all works fine, i.e. no prompt for a password.  However,
it I am not loged in as root in another term and then do kppp, I am
prompted for the root password.  It appears that I should not be
prompted for the password if the program is following the instructions
set forth in /etc/sudoers.

Bobby

More information about the Discuss mailing list