Hello everybody,
I meet a bit trouble with /etc/sudoers file. My trouble is:
My account is “banhbaochay”, I want to run as root, so I edit sudoers with visudo. I do as follow steps:
switch root and type visudo
I add the line at the end of file:
banhbaochay ALL=(ALL) ALL
Save and quit visudo
But when I’m in banhbaochay account and type
$ sudo head -3 /etc/shadow
root's password:
I type banhbaochay’s password but reply is incorrect.
I don’t know where’s my mistake? Can you help me?
Thanks for reading
You need to set the targetpw option off if you want to use your own password. See man page for sudoers. Note that this means anybody on your machine can become root with their own password, so you may want to restrict the effect to just yourself.
Opp, I 've got a new trouble in my sudoers file. Here is my sudoers fie:
In the default (unconfigured) configuration, sudo asks for the root password.
This allows use of an ordinary user account for administration of a freshly
installed system. When configuring sudo, delete the two
following lines:
Defaults targetpw
ALL ALL = (ALL) ALL
Defaults:banhbaochay passwd_timeout=0,timestamp_timeout=0
Runas alias specification
User privilege specification
root ALL = (ALL) ALL
banhbaochay ALL = (root) /usr/sbin/rcmysql
As ken_yap 's advise, I comment the line “Defaults targetpw” then I type:
sudo /usr/sbin/rcmysql status
System show “banhbaochay’s password:”, it’s done. But when I type any root command, system always ask me “banhbaochay’s passwor:”, not “root’s password:”. It’s not good, I only want to set 1 command rcmysql to banhbaochay account, the others root command must run with root password.
If I comment more line “ALL ALL=(ALL) ALL” as my sudoers 's advise “delete 2 line follow”, when I type other root command, system still ask me banhbaochay’s password. After typing banhbaochay’s password, system show “banhbaochay is not allowed to execute … as root”.
Can you help me
Read man sudoers for how to restrict the default to one command. It’s this paragraph:
Certain configuration options may be changed from their default values
at runtime via one or more Default_Entry lines. These may affect all
users on any host, all users on a specific host, a specific user, a
specific command, or commands being run as a specific user. Note that
per-command entries may not include command line arguments. If you
need to specify arguments, define a Cmnd_Alias and reference that
instead.
Thus, Can I config sudoers for: “In banhbaochay account, I can use 1 root command with banhbaochay’s password and use the others root command with root’s password”?
I search with google about sudoers but I only find information for how to write a line as “user host=(root…) command”.