239 questions
0
votes
0
answers
42
views
How to solve the issue Sub-process /usr/bin/dpkg returned an error code (1) after sudo apt --fix-broken install
After running command
sudo apt --fix-broken install
Getting the following issue
Reading package lists... Done
Building dependency tree
Reading state information... Done
Correcting dependencies....
- 71
-1
votes
2
answers
93
views
Is it safe to store hashed password in /etc/cloud/cloud.cfg of cloud-init? [closed]
I am creating a custom AMI for my AWS EC2 Instances. I am trying to configure a user's password via cloud-init. I am doing it using passwd in cloud-init's config.
I was surprised to find out that ...
- 51
0
votes
0
answers
51
views
environment variable not read in sed
I am trying to update sudoers via script and passing the value of $HOSTNAME and it's not working... Obviously missing something.
I am expecting:
%[email protected] ALL=(ALL:ALL) ALL
%...
0
votes
0
answers
34
views
How to force Ansible to use full path for executables Implicitly executed by modules like package or systemd
I'm working in an environment where the system's sudoers configuration mandates that commands like dnf, apt, and systemctl be executed with their full paths (e.g., /usr/bin/dnf, /usr/bin/systemctl). ...
- 81
0
votes
1
answer
170
views
container Docker get sudo not found error
i am currently making a react application with a backend
i have made page that let me change the date of my machine using a nodejs code,
the command to change the date is : sudo date -s "2024-05-...
0
votes
0
answers
72
views
Ansible - install yum packages with preconfigured sudoers privileges
The Ansible connects to my servers using a non-root user. The goal is for this non-root user to be able to install yum packages. For this, it needs sudo privileges, so I've configured the sudoers file ...
- 61
1
vote
1
answer
3k
views
"Missing sudo password" error with Ansible Error
This is my simple playbook,
---
- name: test
hosts: all
tasks:
- name: testing
shell: /usr/bin/whoami
register: testing
- name: show the result
debug:
msg:...
- 13
0
votes
0
answers
72
views
requiretty is being added to a user permissions by default in centos 7
The below are the contents of /etc/sudoers
Defaults !visiblepw
Defaults always_set_home
Defaults match_group_by_gid
Defaults always_query_group_plugin
Defaults env_reset
Defaults ...
1
vote
1
answer
2k
views
Deleting content of "/var/log/sudo-io"
I have a large amount of disk usage in the /var/log/sudo-io directory In the form om "AA, AB, AC..." directories
Can I delete the complete content af this directory ?
- 91
0
votes
1
answer
638
views
Is there a way to whitelist a set of normal commands and block usage of any commands outside of that?
Within this environment, a user named 'user' has the ability to use sudo, but because of how I have the networking and stuff behind the scenes set up, I don't want the user to be able to access tools ...
- 13
0
votes
1
answer
287
views
How to edit /etc/sudoers file from a golang application safely?
i want to give some user sudo access from my golang application.
but in the sudoers file i saw the line "# This file MUST be edited with the 'visudo' command as root.". because when we edit ...
- 1
0
votes
1
answer
3k
views
How to execute bash script by zabbix agent using sudo?
OS Ubuntu 22.04.2 LTS.
I did everything as usual. Using visudo I allowed the zabbix user to execute the command:
zabbix ALL=(ALL) NOPASSWD:/root/market-report/docker-compose_restart zabbix-agent2
In ...
- 23
0
votes
1
answer
96
views
In Debian, visudo /etc/sudoers
why is this line not highlighted?
Defaults authfail_message="message"
If it is okay not to be highlighted, I wonder what standard it is decided on.
- 1
2
votes
0
answers
136
views
Raspberry Pi: ACL on ramfs?
I am build custom image for Raspberry Pi 4 using Yocto. I trying to create user group account with privilages set using ACL. When rootfs is present on SD card everything works, but when I rootfs ...
- 93
0
votes
0
answers
425
views
Run ansible as root with specific sudoers
My issue is that I have one server where the sudoers for the ansible user is like this:
ansible ALL=(root) NOPASSWD: /usr/bin/su - root
Hence, the only way to switch to the root user is:
sudo su - ...
- 27
1
vote
1
answer
511
views
How to write a Chef Inspec test for the Chef Infra 'sudo' resource?
Versions
Chef Workstation version: 22.7.1006
Chef InSpec version: 4.56.20
Chef CLI version: 5.6.1
Chef Habitat version: 1.6.420
Test Kitchen version: 3.3.1
Cookstyle version: 7.32.1
Chef Infra Client ...
- 420
0
votes
1
answer
208
views
set upper limit and lower limit in time for user before executing shutdown command in linux
let's say
I want one of the non-root users named "Alex" to only allow to shutdown command but with the restriction like, he can only shutdown after minimum of 120 min and no delay more than ...
-1
votes
1
answer
256
views
Run specific docker container without sudo and without docker group
I want to run a specific docker-compose file without entering the sudo password and without assigning that user who runs the command to the docker group for security reasons.
I thought about using the ...
- 335
2
votes
2
answers
1k
views
How can prevent users in my GCP VM Instance to become root?
I created an Ubuntu VM on GCP Compute Engine.
Some details:
-> (ubuntu-minimal-2204-jammy-v20220810)
Machine type
e2-micro
CPU platform
Intel Broadwell
Architecture
x86/64
I added ...
- 380
0
votes
1
answer
197
views
bash script that is run from Python reaches sudo timeout
This is a long bash script (400+ lines ) that is originally invoked from a django app like so -
os.system('./bash_script.sh &> bash_log.log')
It stops on a random command in the script. If the ...
- 2,808
0
votes
0
answers
830
views
How can I give a user the permissions to run "adduser" and "deluser"?
How can I give a user the necessary permissions so that he can run "adduser" and "deluser" - but no other privileges?
FROM alpine:3.15.4
RUN addgroup -S tgroup -g 12345 && ...
- 1,324
2
votes
1
answer
308
views
How can I build with ant as a normal user (no need for sudo) COOJA
Recently I started working on a project in IoT, using contiki-ng.
The problem I faced is when I tried to run cooja with:
$ ant run
under ~/contiki-ng/tools/cooja.
the build failed
$ ant run
Picked up ...
- 69
1
vote
1
answer
428
views
smartest way to use config /etc/sudoers for www-data
I want to ask what is the best or smartest way to use /etc/sudoers for www-data if you need sometimes the exec or shell_exec function for cp, mv or start some python files. Is www-data ALL=(ALL) ...
- 13
0
votes
1
answer
2k
views
Managing users in openshift
I am new to openshift, I have deployed an image using Dockerfile on it, using ubuntu as base image. In Dockerfile, I have assigned an user with root privileges. But after container is formed, my user ...
-1
votes
1
answer
261
views
Toggle for adding a user to and removing the user from sudo group?
I know how to add users to the sudo group or how to remove him/her from it:
sudo usermod -aG wheel $1 # $1 represents the username as an argument passed to the command
sudo gpasswd -d $1 wheel
How ...
- 7,080
0
votes
1
answer
958
views
CENTOS apache ALL=(root) NOPASSWD: /path/to/shell.sh is not working
I am trying to do a web interface by IPtables management.
I created a file, whose name is test.php
$output = shell_exec('bash /usr/bin/iptables.sh 2>&1');
echo $output;
I gave /usr/bin/...
- 1
1
vote
1
answer
699
views
Disable Google Username as Sudoer
First post and new to the stack. I am working on a Google Cloud VM Instance using Ubuntu 20.04 LTS. To access the VM Instance, I am using SSH via a custom port. When I complete SSH login, I show up in ...
- 11
2
votes
0
answers
460
views
Allow user to create can bus without sudo
I am using socketcan and virtual can buses in my application. In order to create a virtual can bus I use the command:
sudo ip link add dev vcan0 type vcan
However, is it possible to do this on a ...
- 2,696
0
votes
0
answers
246
views
the admin is not in the sudoers file
facing an error in installing pandas to import it in my python code
and trying to install it via many ways but it always ends with this message "username is not in the sudoers file. This ...
- 11
0
votes
1
answer
148
views
Read File Accessible Only From Script in Unix
I have written a Base shell script that needs password/key which is retrieved from a file.
Base Script---Calls---Key/Password File ---Base Script does further authenticates using the key retrieved
...
- 11
-1
votes
1
answer
543
views
www-data python run sudo command as another user error password required
Hello I have a Django project hosted on an Apache Ubuntu Google VM. I use git to both update the server code and backup the db files. To avoid having to ssh in and do the repetitive git tasks over and ...
- 123
2
votes
1
answer
768
views
Ansible - remove user from group x if already in other group
I am looking for the easiest way to remove users from group x when they are already in group google-sudo. I store users in group vars in this kind of list and dictionary combination:
user_account:
- ...
- 382
0
votes
1
answer
826
views
How do I give user sudo access to modify files in certain directories /etc/
I have a user who needs to modify files in /etc/haproxy and /etc/tomcat. I tried to create a sudoers file with:
%usergroup ALL=(ALL) NOPASSWD: /etc/haproxy /etc/tomcat
But it didn't work. Any help ...
- 13
1
vote
0
answers
728
views
How to chmod without root account?
I don't have root account.
I made mistake with my /etc/sudoers files.
I changed mode my /etc/sudoers files to 777
and then, my 'sudo' command has not started work..
sudo: /etc/sudoers is world ...
- 35
0
votes
2
answers
2k
views
How to add DEBIAN_FRONTEND=noninteractive in sudoers.d file?
I am automating dpkg-sig installation for one of my project purpose. Now I want to install it noninteractive way.
I have added the following in a file inside /etc/sudoers.d/
Cmnd_Alias DPKGSIG_INSTALL ...
0
votes
0
answers
446
views
"/etc/sudoers is world writable” on Mac OS Mojave
I have gone through a lot of google results. Let me explain what I have tried first. I am currently working on a corporate laptop. Mac OS Mojave 10.14.6.
Error that I get:
sudo: /etc/sudoers is world ...
- 3,278
1
vote
2
answers
491
views
Using sudoers to restrict script files for www-data? (nohup)
I am trying to invoke a bash script requiring sudo upon receiving a web service call using FCGI Wrap and NGINX.
I have two scripts, one calling the other. The 'outer' one is meant to be called by the ...
- 4,698
0
votes
1
answer
770
views
programmatically create sudo rules for running ansible-playbook
How could I create a list for all possible commands an ansible-playbook is using so that I could create a sudoers file?
For testing the playbooks, temporally I create an entry in the /etc/sudoers.d:
...
- 26.8k
1
vote
1
answer
443
views
Preventing Centos user from installing unsigned RPMs
I have a CentOS 8 system that I want the user to be able to install RPMs. I plan on doing something like the following in the sudoers file:
username ALL = NOPASSWD : /usr/bin/dnf
However, obviously ...
- 245
8
votes
1
answer
20k
views
Add sudo permission (without password ) to user by command line
I'm creating a docker file from ubuntu:bionic image.
I want an ubuntu user with sudo privileges.
This is my Dockerfile
FROM ubuntu:bionic
ENV DEBIAN_FRONTEND noninteractive
# Get the basic stuff
RUN ...
- 1,127
1
vote
1
answer
714
views
How to solve sudoers path problem in yocto
On my Yocto image (with .deb packaging) i set up sudo an it work's fine. Only when i try to install a .deb package with:
sudo dpkg -i package-name.deb
It results in:
dpkg: warning: 'ldconfig' not ...
- 21
1
vote
2
answers
598
views
sudoless passwordless script
I want to make a sudoless passwordless script which doesn't prompt for password to any user executing that script.
Problem: my script contains rsync utility to send files to a backup server, but i ...
- 73
0
votes
1
answer
69
views
Sudoer does not use the same environnement for python3
I have a python script1 which i use as a library which i import to my main script.
before using it i checked that it was working fine, i noticed that when i run this script1 with "sudo" then ...
- 103
0
votes
1
answer
758
views
AD-HOC edit /etc/sudoers from Ansible server side
I'm trying to add privilege to Ansible node via Ansible server using "lineinfile" via ad-hoc command as ROOT :
ansible -i rec-apache.inv -m lineinfile -a "path=/etc/sudoers \
line ='...
- 85
0
votes
1
answer
664
views
Securely execute a shell script with sudo through a web interface [duplicate]
I am looking for a way to securely execute a shell script with sudo through a web interface. Security is the main concern here. I don’t want to provide my PHP file to access the sudo fully. What will ...
- 1
1
vote
1
answer
7k
views
sudoers NOPASSWD not working - Ubuntu 20.04 [closed]
I know this question was often asked before, but it's not possible for me to get it working.
I want to shutdown the system without entering a password with user holmer
I added the following line
...
- 49
1
vote
1
answer
493
views
LDAP sudoers sudoHost wildcards
I'm trying to use "sudoHost" to match a sequence of hostname on sudoers LDAP. Does anybody knows
how to grep for this:
1080s.....1089s?
I try testing on bash and I don't seem to work.
grep "[1082s-...
- 375
1
vote
1
answer
616
views
Edit visudo using vim called from a script
I created an automated install script and while executing from the chroot I would like to uncomment the wheel group line. I could do it using sed -i "s/# %wheel ALL=(ALL) ALL/%wheel ALL=(ALL) ALL/g" /...
0
votes
1
answer
142
views
PHP Sudo permissions only works for 'ALL' commands when using exec()
I need my PHP code to run scripts as a different user with exec(), and so in the sudoers file I added: www-data ALL=(csgo) NOPASSWD: WWW_COMMANDS where WWW_COMMANDS is an alias list of the scripts i ...
- 13
1
vote
2
answers
3k
views
Ansible playbook loop with with_items
I have to update sudoers.d multiple user files with few lines/commands using ansible playbook
users.yml
user1:
- Line1111
- Line2222
- Line3333
user2:
- Line4444
- Line5555
- ...
