Setting up and Running sudo-how? Leap Gnome

Hi,
I typed su, Enter. Now the description says: Create a configuration file. Typically, this file is created in the /etc/sudoers.d/ directory with the name of the file the same as your username. For example, for this demo, let’s say your username is “student”. After doing step 1, you would then create the configuration file for “student” by doing this: # echo “student ALL=(ALL) ALL” > /etc/sudoers.d/student

How is that done, step-by-step? I assumed to write that in gedit, put it in sudoers.d, but that file is not accessible. Using the terminal for that purpose?
Thanks a lot for your suggestions!

Hi
Use su - to ensure you get root users environment, then either use visudo or yast sudo (ncurses version) to edit the sudoers file.

Yes. Just run that command in the terminal window where you typed su.
It will create the file /etc/sudoers.d/student for you.

Alternatively, you can create that file yourself with gedit e.g. (you need to run gedit as root though, otherwise it won’t be able to create the file), with the following content:

student ALL=(ALL) ALL

(i.e. the part that is in quotes)

Of course you should replace all mentions of “student” with your real username.

This will work as well of course, but you’d have to know what exactly to change in the sudoers file. I have the impression the OP would not know… :wink:

OTOH, I do see some advantages in creating a separate file in /etc/sudoers.d/ with your changes.

Before reading your posts I tried this, because just the terminal as a way to complete the task was left:

op@linux-e7yv:~> su
Password:
linux-e7yv:/home/op # # echo “o ALL=(ALL) ALL” > /etc/sudoers.d/o
linux-e7yv:/home/op #

Is this the right output? I am not sure, how can I check it?

No. You actually didn’t do anything at all… :wink:
‘#’ indicates a comment for the shell, i.e. the rest of the line is ignored.

Omit ‘#’ (i.e. just type: echo “o ALL=(ALL) ALL” >/etc/sudoers.d/o ) and it should do what it’s intended to do.

The description you posted only contains it because it normally is the shell prompt when logged in as root.
I.e. the shell prints # , and you should reply with echo “o ALL=(ALL) ALL” >/etc/sudoers.d/o, so to say.

I am not sure, how can I check it?

Have a look whether /etc/sudoers.d/o exists and has the wanted content.
E.g. with a file manager, or the commands “ls” and “cat” in the shell/terminal.

Suspected that nothing worked. So I omitted “#”, output was still the same, sudoers.d without ‘o’. But I made a mistake, name is “op” instead “o”. Repeated the input with “op”, still not the expected result, as you described. File cannot be opened. What might be the mistake? Btw: Made the same procedure with CentOS, with the right name(!), same result. I enrolled in a Linux course, that requires openSUSE, Ubuntu and CentOS.

Hi
Then why not use the tools available in openSUSE, eg YaST? Then have a look at the result and duplicate on the other distributions using the tools available or command line.

Simply because I am a beginner, following the instructions of the course, at least I try to do so.

If you ran “su” first and didn’t make any typing errors, it should be there.

What does “ls -l /etc/sudoers.d” give?

/etc/sudoers.d/ is only accessible as root, so it would be normal that it cannot be opened as normal user.

Hi
Yes, understood, but as you see every distribution has those subtle differences :wink: That’s why I suggest the openSUSE preferred tool to see what your attempting to achieve, then look at the result to see those differences to clarify what your attempting from the command line.

Did as you instructed, “visudo”: # sudoers file.

This file MUST be edited with the ‘visudo’ command as root.

Failure to use ‘visudo’ may result in syntax or file permission errors

that prevent sudo from running.

See the sudoers man page for the details on how to write a sudoers file.

Host alias specification

Groups of machines. These may include host names (optionally with wildcards),

IP addresses, network numbers or netgroups.

Host_Alias WEBSERVERS = www1, www2, www3

User alias specification

Groups of users. These may consist of user names, uids, Unix groups,

or netgroups.

User_Alias ADMINS = millert, dowdy, mikef

Cmnd alias specification

Groups of commands. Often used to group related commands together.

Seems not to be the intended result…

Then “yast sudo”, a window with a blue background opened, huh, what is that? Konsole handbook…inaccessible. Ncurses…seems to be nowhere displayed. What is the fastest way to solve such problems, generally, without pestering forums with questions? Could you recommend books, tuts, etc. recommend?

ncurses is the terminal interface used by yast in terminal moed. it does not say ncurses on the screen. You navigate by tabs space arrows and such. no mouse though

Ok-how to that, step-by-step?

On Sun 12 Jun 2016 02:36:01 PM CDT, Ebit wrote:

malcolmlewis;2781452 Wrote:
> Hi
> Use su - to ensure you get root users environment, then either use
> visudo or yast sudo (ncurses version) to edit the sudoers file.
Did as you instructed, “visudo”: # sudoers file.

This file MUST be edited with the ‘visudo’ command as root.

Failure to use ‘visudo’ may result in syntax or file permission

errors

that prevent sudo from running.

See the sudoers man page for the details on how to write a sudoers

file.

Host alias specification

Groups of machines. These may include host names (optionally with

wildcards),

IP addresses, network numbers or netgroups.

Host_Alias WEBSERVERS = www1, www2, www3

User alias specification

Groups of users. These may consist of user names, uids, Unix groups,

or netgroups.

User_Alias ADMINS = millert, dowdy, mikef

Cmnd alias specification

Groups of commands. Often used to group related commands together.

Seems not to be the intended result…

Then “yast sudo”, a window with a blue background opened, huh, what is
that? Konsole handbook…inaccessible. Ncurses…seems to be nowhere
displayed. What is the fastest way to solve such problems, generally,
without pestering forums with questions? Could you recommend books,
tuts, etc. recommend?

Hi
Some pointers
https://en.opensuse.org/SDB:Administer_with_sudo
http://www.susegeek.com/security/how-to-configure-sudo-and-delegate-authority-in-opensuse/

If you read the man page for sudoers (man sudoers), you will see by
default sudoers.d is not included, by default sudo is not configured
(we are not debian… :wink: ) so until it’s configured (/etc/sudoers) via
visudo I don’t expect things to work…

I use one command with sudo and that’s /usr/bin/build for use with osc
which I enter via visudo.


Cheers Malcolm °¿° LFCS, SUSE Knowledge Partner (Linux Counter #276890)
openSUSE Leap 42.1|GNOME 3.16.2|4.1.21-14-default
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below… Thanks!

Sorry, but that’s wrong.

/etc/sudoers.d/ is included by default in openSUSE.
At the end of the shipped sudoers config is this:

## Read drop-in files from /etc/sudoers.d
## (the '#' here does not indicate a comment)
#includedir /etc/sudoers.d

by default sudo is not configured
(we are not debian… )

And I think that’s a bit misleading…

Of course it is “configured” (just not in the same way as in Debian), and it is usable out of the box.
You have to enter the root password though (unlike in Debian) unless you change the configuration, and you cannot run graphical applications with the default setup.
There might be other differences too, that I’m not aware of…

On Mon 13 Jun 2016 08:06:01 AM CDT, wolfi323 wrote:

malcolmlewis;2781855 Wrote:
> If you read the man page for sudoers (man sudoers), you will see by
> default sudoers.d is not included
Sorry, but that’s wrong.

/etc/sudoers.d/ is included by default in openSUSE.
At the end of the shipped sudoers config is this:

Code:

Read drop-in files from /etc/sudoers.d

(the ‘#’ here does not indicate a comment)

#includedir /etc/sudoers.d


> by default sudo is not configured
> (we are not debian… )
And I think that’s a bit misleading…

Of course it is “configured” (just not in the same way as in Debian),
and it is usable out of the box.
You have to enter the root password though (unlike in Debian) unless you
change the configuration, and you cannot run graphical applications with
the default setup.
There might be other differences too, that I’m not aware of…

Hi
Ahh yup, my bad I see the include now, Like I said, only use it for one
thing for osc, I’m a su - person…


Cheers Malcolm °¿° LFCS, SUSE Knowledge Partner (Linux Counter #276890)
openSUSE Leap 42.1|GNOME 3.16.2|4.1.21-14-default
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below… Thanks!

“Finally, some Linux distributions will complain if you don’t also change permissions on the file by doing: # chmod 440 /etc/sudoers.d/student”
Nice. But unfortunately no explanation, what “complain” does mean. Do you have an idea?

Hi
Looks like it can crash… sudo? sudon’t! Stupid “sudoers.d” – My Green Life I do note in the comments the use of su - helps, not just su.