USERNAME is not in the sudoers file. This incident will be reported.

Recently, I’ve been trying to use the ‘sudo’ command and getting denied with the response of:
“USERNAME is not in the sudoers file. This incident will be reported.” (the word “USERNAME” refers to the personal user name here).
I’ve been using Linux since 2009, and virtually all these years, openSUSE has been what I’ve been using, and I have never encountered this problem until recently.
Yesterday, I upgraded from Leap 42.3 to Leap 15.0, and still have the problem. Internet Search and suggestions have yield not results.

have you added yourself to the sudoers file?
maybe by editing it you’ve changed it’s permissions
what’s the output of

ls -l /etc/sudoers

some info can be found here
https://en.opensuse.org/SDB:Administer_with_sudo

-r--r----- 1 root root 3188 Jul 23 22:21 /etc/sudoers

Yea, I added myself, did a thing for the %wheel group, created a %sudo group, added those groups to my acct, and other things I have seen on the internet, of “fixes” (or so-called), “try this”, etc.

I’ll check the site out you referenced.

That sounds all very un-openSUSE like.

I have got the impression (not by personal experience though) that it is the Ubuntu way of doing Superuser things (and they also talk about users that are Administrators).

That is not the way it is done in openSUSE. While it might be possible to make an openSUSE installation to do it the Ubuntu way, you will at least have the problem that people here will have problems understanding what you are doing when asking for help.

Well, there is a ‘sudo’ package in the openSUSE repository; I tried re-installing it (it may be included on a fresh/new install); I’ve used it for years; It allows to run root commands within standard user command, plus, I use the sudo in bash scripts… I’ve only had to enter the password once, and sudo is good for at least 5 minutes before it’ll ask again…
sudo command (enter password)
user command
sudo command
user command
sudo command
sudo command
user command
etc.

Of course, with “Konsole”, I can just open up a separate tab (root terminal) and go back and forth… not sure about the Gnome Terminal and others.

I did not say it would not work (and the man pages are there for all to read). After all it is all GNU Linux and the same as Unix (in this aspect). I only say that the approach is very different here (after all if all distributions were the same, they do not have a ground to exist) and that people here might be not very well equipped when you want help with the “Ubuntu” way.

Just a warning.

I’m checking the MAN pages out now… they are easier to grasp via Konqueror.

I don’t know what you mean by wanting help with the “Ubuntu” way; I’ve been using openSUSE since 2009 or 2010, and this issue has always been a standard with installs (after all, there must be a reason it comes as part of the openSUSE package), and it has been referenced in these forums here and there over the years, so of course, I ask here; however, duly noted that not every computer user uses all the commands and/or applications that are installed on their OS, so it’s acknowledged like others, “sudo” is not used by every openSUSE user… it’s just more “convenient” (i.e., and eccentricity) for some us… I understand I can do a re-install to get it back working, so perhaps I may wind up doing that if the MAN pages don’t help. OTOH, I won’t be dying over any loss of being able to use it. :stuck_out_tongue:

I think the technical term for this, is that you shot yourself in the foot.

I just tried:

sudo bash

and that worked as expected. So I think you already made changes to the “sudoers” file that broke something.

The good news is that with openSUSE, you can just us

su -

in a terminal window to get a root command line session.

Normally, I do not use “sudo” unless I am in “ubuntu” or some similar system.

The default behavior of “sudo” in openSUSE, is to allow anybody to use but require the root password. I think when you made that “wheel” change, you changed the default so that only members of the “wheel” group can use it. But apparently you forgot to first add yourself to the “wheel” group.

And note that if you do add yourself to the “wheel” group (should be possible with Yast “User and group management”), you have to logout and login again before that takes effect.

I’ve actually been added to the “wheel” group already.

Looking at the man:/sudoers(5), and other related pages, it’s noted that there are more files used for this than /etc/sudoers. Regrettably, some of the texts in those MANual pages are a bit over my head.

I just ran the sudo thingy in YaST and deleted everything except the first line, the bottom part of the /etc/sudoers file is as follows:

## In the default (unconfigured) configuration, sudo asks for the root password. 
## This allows use of an ordinary user account for administration of a freshly 
## installed system. When configuring sudo, delete the two 
## following lines: 
Defaults        targetpw 
ALL     ALL = (ALL) ALL   

I think you still miss the idea of my warning.

I did NOT say that using the sudoers configuration file, the wheel group and all ideas behind it are not available on openSUSE to use for you when you want so. And please do not jump to the conclusion that when some software (specially as basic as sudo et all) is available on openSUSE, this means that it’s usage in the way you are doing (which I call for short the “Ubuntu” way), is done so by many openSUSE users, because it is not.

The sudoers file on openSUSE is by default configured :

boven:~ # grep -v '^#' /etc/sudoers | grep -v '^$'
Defaults always_set_home
Defaults env_reset
Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE"
Defaults !insults
Defaults targetpw   # ask for the password of the target user i.e. root
ALL     ALL=(ALL) ALL   # WARNING! Only use this together with 'Defaults targetpw'!
root ALL=(ALL) ALL
boven:~ #

Which means that in fact every user that uses sudo to attain Superuser privileges, has to provide the root password. That is the same as when using

su -

(which I then prefer).

You may of course use sudo to configure in sudoers other behaviour for (some) users. And you may even try to implement the same security concept as is done on Ubuntu like systems. You are free to do so. The tools are there. And when you run into problems, you may ask here. And people are willing to help you with the expertise they have. I only warn you that that expertise may be limited and that not many will try to follow you in re-creating your configuration (threatening their own system).

And behind that warning is the hint that it may not be a good idea to implement another distros security concept on openSUSE. We have seen several people here that apparently switched from Ubuntu like to openSUSE and were confused that openSUSE has no concept of an"Administrator". But after explanation they seem to cope with it.

BTW, maybe to get an idea about the background in openSUSE:
https://en.opensuse.org/SDB%3ALogin_as_root

And I repeat, do not make to much out of my warning. It is not to discourage you. It is a warning only that many here will not really understand what you are talking about and their additional questions and advice may mirror this.

On Tue 24 Jul 2018 05:46:02 PM CDT, Star Gazer wrote:

hcvv;2874855 Wrote:
> I did not say it would not work (and the man pages are there for all
> to read). After all it is all GNU Linux and the same as Unix (in this
> aspect). I only say that the approach is very different here (after
> all if all distributions were the same, they do not have a ground to
> exist) and that people here might be not very well equipped when you
> want help with the “Ubuntu” way.
>
> Just a warning.

I’m checking the MAN pages out now… they are easier to grasp via
Konqueror.

I don’t know what you mean by wanting help with the “Ubuntu” way; I’ve
been using openSUSE since 2009 or 2010, and this issue has always been a
standard with installs (after all, there must be a reason it comes as
part of the openSUSE package), and it has been referenced in these
forums here and there over the years, so of course, I ask here; however,
duly noted that not every computer user uses all the commands and/or
applications that are installed on their OS, so it’s acknowledged like
others, “sudo” is not used by every openSUSE user… it’s just more
“convenient” (i.e., and eccentricity) for some us… I understand I can
do a re-install to get it back working, so perhaps I may wind up doing
that if the MAN pages don’t help. OTOH, I won’t be dying over any loss
of being able to use it. :stuck_out_tongue:

Hi
The only thing I use visudo for is for OBS and local builds with osc
and the su-wrapper = sudo;


<username> ALL = NOPASSWD: /usr/bin/build


Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
SLES 15 | GNOME Shell 3.26.2 | 4.12.14-23-default
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below… Thanks!

There are reasons why the wheel group is used in other distros (I’ve seen recommendations in Ubuntu and Fedora).
Some situations are designed to get around the restrictions of not being able to “su” like we can in openSUSE.

In any case,
In other Forum threads,
I’ve cautioned that making your normal User account a member of the wheel group is dangerous, and IMO very, very inadvisable because the consequence is to elevate your normal User account nearly to the capability of root.
In other words, making your User account a member of wheel makes your User account <always> capable of what the wheel group allows you to do so is tantamount to logging in to your session as root.
On the other hand, we have a better solution in openSUSE. If you use an elevated windowed console running “su” or “su-” then your elevated permissions exist only as long as that window is open and in the context of commands in that window or child processes. When you close the elevated console, those elevated capabilities vanish.

So,
I advise using wheel only in the security context of a non-interactive background process, for instance providing the security context for running an automated management application on a number of remote machines. If the command is non-interactive, it reduces exposure to hacking.
But never as a normal User invoking applications you can start from an application launcher, for example.

TSU

Hmmm. I was going to try to help, here, but it seems you are doing things in an odd and unusual way. Unfortunately, because of that, I cannot help. But, I wish you good luck, as most others here will run into the same problem trying to help.

The only thing I can suggest is to do a clean install of openSUSE and stick with the default methods of doing this.

I’ve newer messed with the sudoers file and I’m not really sure what you want to accomplish do you want to be able to run root commands without entering the root password, that’s doable I’d say again read the wiki or the /etc/sudoers file
there’s also a yast2 module for changing user capabilities it’s in
yast2->Security and Users->Sudo

I’m at a point where I think I may have to do just that (a clean install); since the upgrade, I have encountered others issues, like audio recording (that, I believe I can get straightened up), and the loss of the Ctrl-Shift-U feature to enter Non-Keyboard Unicode Characters, which I use a LOT.

Add onto that of finding out the SNAPPER is not doing the hourly snapshots of each cfg file… it does appear I will have to do a SNAPPER ROLLBACK and then at a good time, just do a clean install, since there seems to be a few problems instead of just one.

I am happy to report that I have done a fresh clean install of Leap 15 and the problems, sudo, snapper hourly snapshots, and Ctrl-Shift-U for unicode is now gone, and they are all back to working now. :good:

Thank all of you for all your input(s), and best wishes to you and yours to each of you.

I am glad your problems are solved now.

And I learned something new. The Ctr-Shift-u. Thus is U+21B2: ↲

Superb!!! :slight_smile:

Glad this has worked out for you.