Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [sudo]

sudo is a tool which allows users to run commands as another user (usually the root user)

sudo allows users to run commands as another user. It is typically used to allow trusted users to run commands as root, without giving them root access, or to allow a user to run commands as another user. Both of these uses must be allowed by the root user.

886 questions
0
votes
2 answers

sudo to allow apt-get install of remote packages, but forbidding arbitrary commands

I'm looking for a way to allow a user to install (only remote) packages via apt-get (or another mechanism?) but not allow them to run arbitrary commands as root. I can get some of the way there via /etc/sudoers. Say I have this in my /etc/sudoers…
Michal Charemza
  • 113
  • 7
0
votes
0 answers

Command to get Sublime Text SFTP client to execute sudo at every file save

I am using Sublime Text editor with its SFTP plugin to edit files (also root files) on my server. I thought there is some linux command or file that can be edited that would enable me to execute sudo at every file save, and even at every file open.…
Adam Alleman
  • 19
  • 3
0
votes
2 answers

Require root password when executing "sudo -s"

I have a CentOS 7 server on AWS. When logged in with the centos user, how can I prevent sudo -s logging in to root without requiring root's password? [root@server ~]# cat /etc/sudoers | grep rootpw Defaults rootpw [root@server ~]# getent group…
Nuno
  • 553
  • 2
  • 8
  • 26
0
votes
0 answers

Tenable su+sudo and selinux

My Not-A-Sysadmin-Boss wants me to explain this but I can't really find an answer? When using TENABLE SC to scan a RHEL7 system the account used to do the scan connects via ssh then uses sudo to perform its checks. But when selinux is enforcing…
user1548815
  • 65
  • 4
0
votes
2 answers

sudo: unable to stat /etc/sudoers: No such file or directory

I moved the file /etc/sudoers to /etc/sudoers.bkp after this I cannot run sudo command and neither can login as root and change the file back is there any way this can be resolved without reinstalling the system Operating System: Red Hat Enterprise…
Sarthak Saxena
  • 1
0
votes
1 answer

Wazuh ignore a specifc user from sudo notifications

I'm monitoring my servers using Wazuh 4.1.x. My servers are Ubuntu and CentOS. They are also monitored using Icinga2 and NRPE agent. Wazuh is logging all sudo authentications or commands ran with sudo (which is fine). But since some of the nrpe…
Bogdan Stoica
  • 403
  • 4
  • 9
0
votes
0 answers

Why is my Samba share only writable by root?

I have set up a Samba share, and it is only writable by root. For example, I can only create a folder on that share with sudo: ~$ mkdir /mnt/SHARE/somedir mkdir: cannot create directory /mnt/SHARE/somedir: permission denied ~$ sudo mkdir…
TheEagle
  • 101
  • 3
0
votes
1 answer

Trying to get sudoers working on openldap/centos7

I was following this tutorial here: https://kifarunix.com/how-to-configure-sudo-via-openldap-server/ A lot of it made sense, but still new to openldap so some of this is cryptic too. I have the openldap running with users authenticating on other…
Codejoy
  • 107
  • 5
  • 17
0
votes
2 answers

Linux: Is it possible to use the ssh key pair instead or in addition to the root privileges?

I'm facing the problem of securing an embedded platform. All ssh hardening have been setup, including 2 factor authentication and login with ssh key pairs. Now, the root and user passwords are ridiculous easy to crack, all you need is physical…
Whois_me
  • 3
  • 4
0
votes
1 answer

Update sudoers file in multiple servers with a bash script

I have 50 Linux servers and can login to the servers without root password (I know the password). Now I would like to add 3 lines in sudoers file on each servers. Obviously logging into 50 servers and adding lines are painful. Is there a different…
KKE
  • 135
  • 1
  • 4
  • 11
0
votes
0 answers

How does the sudoers option 'pam_session' correspond to PAM's 'session' type?

On a CentOS 7 system, I want to prevent lines such as May 20 08:55:05 c090 sudo: pam_unix(sudo:session): session opened for user root by (uid=0) May 20 08:55:05 c090 sudo: pam_unix(sudo:session): session closed for user root May 20 08:55:06 c090…
loris
  • 232
  • 1
  • 12
0
votes
1 answer

how to create a script shell command

Hi evry one can someone help me to get this command with scrit shell ? root@VPS:/work# cpan Loading internal logger. Log::Log4perl recommended for better logging CPAN.pm requires configuration, but most of it can be done automatically. If you…
Rayen Ben Said
  • 5
  • 1
  • 4
0
votes
2 answers

Running newusers util in cron to batch create users does not run

I'm attempting to batch create some users from a file using the newusers util on ubuntu 18. When running in cron as the root user, nothing happens. When I run the command manually, it works as expected and creates the users in the file. Heres my…
kurupt89
  • 117
  • 4
0
votes
2 answers

Want to allow application to mount a drive using rhel 8

I can mount my drive using sudo mount.cifs ...... I can unmount doing sudo umount /mnt/mountpoint It was prompting me for a password, so I changed the sudoers file to NOPASSWD:ALL and now it does not prompt me. I have an application and I want to be…
user999684
  • 165
  • 1
  • 1
  • 8
0
votes
1 answer

How to allow PHP exec to reload NGINX

How can I allow these commands in PHP: $output = exec('sudo nginx -t 2>&1'); $output2 = exec('sudo /usr/sbin/service nginx reload 2>&1'); I've looked into sudo visudo in the terminal , but it seems like that will give access to all sudo commands,…
Tom Tucker
  • 3
  • 2
1 2 3
59 60