Re: sudoers mistake

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Kevin Fries
Date:  
To: Main PLUG discussion list
Subject: Re: sudoers mistake
If you want sudo to stop requesting your password, that will make a small
change to your sudoers file.

Change:

%sudo ALL=(ALL:ALL) ALL

To:

%sudo ALL=(ALL:ALL) NOPASSWD: ALL

Kevin
On Jul 4, 2013 10:47 PM, "Michael Havens" <> wrote:

> I think I have a tiny problem. I ran visudo to remove my user from the
> sudoers file and it asked for the password. I removed the user and then:
> $ sudo visudo
> [sudo] password for bmike1:
> bmike1@PresarioLapTop1:/home$ sudo useradd -G sudo bmike1
> useradd: user 'bmike1' already exists
>
> Oh, I was using the wrong file. I need usermod -a -G sudo bmike1
>
> Now we just wait a bit until I can test the handy work to see if it works.
> <an hour later>
> Nope..... still asks for a password.
> :-)~MIKE~(-:
>
>
> On Thu, Jul 4, 2013 at 8:30 PM, Michael Havens <> wrote:
>
>> thanks
>>
>> :-)~MIKE~(-:
>>
>>
>> On Thu, Jul 4, 2013 at 6:12 PM, Kevin Fries <> wrote:
>>
>>> Remove the entry for you completely from sudoers. Notice in the file
>>> you posted the %sudo line? That mean that anybody who belongs to the
>>> group sudo has full sudo access. This means you do not need to add
>>> individual users to the sudoers file, you just need to add or remove users
>>> from that group instead. So remove any individual users from sudoers,
>>> it's not needed.
>>>
>>> Kevin
>>> On Jul 4, 2013 5:49 PM, "Michael Havens" <> wrote:
>>>
>>>> regardless, how do I fix sudoers?
>>>> :-)~MIKE~(-:
>>>>
>>>>
>>>> On Thu, Jul 4, 2013 at 4:15 PM, Kevin Fries <>wrote:
>>>>
>>>>> Mike,
>>>>>
>>>>> Leave your sudoers file alone and add your user to the sudo group
>>>>> instead. Much more flexible.
>>>>>
>>>>> Kevin
>>>>> On Jul 4, 2013 4:28 PM, "Michael Havens" <> wrote:
>>>>>
>>>>>> I wanted to add my user to the sudoers file so I typed in 'visudo.
>>>>>> and put my userid where I figure it should go. Now whenever I type 'sudo
>>>>>> <?>' the output of the shell is:
>>>>>>
>>>>>> bmike1@PresarioLapTop1:/home$ sudo mkdir /backups
>>>>>> sudo: parse error in /etc/sudoers near line 14
>>>>>> sudo: no valid sudoers sources found, quitting
>>>>>> sudo: unable to initialize policy plugin
>>>>>>
>>>>>>
>>>>>> so I think I'll go in and put it the way it was:
>>>>>>
>>>>>> bmike1@PresarioLapTop1:/home$ sudo visudo
>>>>>> sudo: parse error in /etc/sudoers near line 14
>>>>>> sudo: no valid sudoers sources found, quitting
>>>>>> sudo: unable to initialize policy plugin
>>>>>>
>>>>>> Here is the sudoers file:
>>>>>>
>>>>>> #
>>>>>> # This file MUST be edited with the 'visudo' command as root.
>>>>>> #
>>>>>> # Please consider adding local content in /etc/sudoers.d/ instead of
>>>>>> # directly modifying this file.
>>>>>> #
>>>>>> # See the man page for details on how to write a sudoers file.
>>>>>> #
>>>>>> Defaults        env_reset
>>>>>> Defaults        mail_badpass
>>>>>> Defaults
>>>>>>  secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

>>>>>>
>>>>>> # Host alias specification
>>>>>> bmike1
>>>>>>
>>>>>> # User alias specification
>>>>>>
>>>>>> # Cmnd alias specification
>>>>>>
>>>>>> # User privilege specification
>>>>>> root    ALL=(ALL:ALL) ALL

>>>>>>
>>>>>> # Members of the admin group may gain root privileges
>>>>>> %admin ALL=(ALL) ALL
>>>>>>
>>>>>> # Allow members of group sudo to execute any command
>>>>>> %sudo ALL=(ALL:ALL) ALL
>>>>>>
>>>>>> # See sudoers(5) for more information on "#include" directives:
>>>>>>
>>>>>> #includedir /etc/sudoers.d
>>>>>>
>>>>>> HEY! Look at that. I put my user in the wrong space. I meant to put
>>>>>> it under '# User alias specification' but now I see that is wrong; I needed
>>>>>> to put it under '# User privilege specification'.
>>>>>> Also, what about the "ALL's". What do they mean?
>>>>>> Can I fix this with VI? I'm not just doing it because I don't want to
>>>>>> mess this up so bad I need to reinstall
>>>>>> :-)~MIKE~(-:
>>>>>>
>>>>>>
>>>>>> On Thu, Jul 4, 2013 at 2:56 PM, Michael Havens <>wrote:
>>>>>>
>>>>>>>
>>>>>>>> Okay Matt (or anyone else who wants to answer this), could I do
>>>>>>> this:
>>>>>>> first I make a directory in the usb called 'bmike1-backup'
>>>>>>>
>>>>>>> #!/bin/bash
>>>>>>> sudo mkdir /backups <-create backups dir
>>>>>>> sudo mount /sdc1/backup-bmike1 /backups <- tell computer to see a
>>>>>>> directory in the usb drive as /backups
>>>>>>> rsync -av /home/bmike1
>>>>>>> sudo umount backups; sudo rmdir backups <-make everything like it was
>>>>>>>
>>>>>>>
>>>>>>>> On Sat, Jun 29, 2013 at 12:45 PM, Matt Graham <
>>>>>>>> > wrote:
>>>>>>>>
>>>>>>>>> 1. Plug this disk in. Usually, removable disks have 1 partition
>>>>>>>>> of type FAT32
>>>>>>>>> or NTFS covering their whole space. (Check that this is the case,
>>>>>>>>> if not,
>>>>>>>>> something weird may be going on.)
>>>>>>>>>
>>>>>>>>> 2. Make a filesystem with a label on this partition. "mke2fs -j
>>>>>>>>> -L MY_BACKUPS
>>>>>>>>> /dev/sdN1" . Find what N is by looking at the output of dmesg |
>>>>>>>>> tail.
>>>>>>>>>
>>>>>>>>> 3. Make an entry for the partition you made in your /etc/fstab :
>>>>>>>>>
>>>>>>>>> LABEL=MY_BACKUPS /mnt/backup ext3 noauto,users,noatime 0 0
>>>>>>>>>
>>>>>>>>> 4. As root, mkdir /mnt/backup if it doesn't exist, then mount this
>>>>>>>>> partition
>>>>>>>>> on /mnt/backup , mkdir /mnt/backup/USER , and chown USER
>>>>>>>>> /mnt/backup/USER .
>>>>>>>>>
>>>>>>>>> 5. Make a shell script sort of like this:
>>>>>>>>>
>>>>>>>>> #!/bin/bash
>>>>>>>>> if [[ $1 == '--help' || $1 == '-h' ]] ; then
>>>>>>>>>     echo "backs up ~USER to backup drive."
>>>>>>>>>     exit;
>>>>>>>>> fi

>>>>>>>>>
>>>>>>>>> if mount | grep /mnt/backup > /dev/null ; then
>>>>>>>>>     rsync -av --delete-after /home/USER/ /mnt/backup/USER
>>>>>>>>> else
>>>>>>>>>     echo "backup disk not mounted.  Trying to mount it."
>>>>>>>>>     mount /mnt/backup
>>>>>>>>>     if mount | grep /mnt/backup > /dev/null ; then
>>>>>>>>>          echo "Is the disk plugged in?  Can't mount, bailing."
>>>>>>>>>          exit 1
>>>>>>>>>     fi
>>>>>>>>>     rsync -av --delete-after /home/USER/ /mnt/backup/USER
>>>>>>>>>     umount /mnt/backup
>>>>>>>>> fi

>>>>>>>>>
>>>>>>>>> 6. Any time you want to make a backup, plug your disk in, and run
>>>>>>>>> that shell
>>>>>>>>> script. The initial rsync will take some time. Subsequent rsyncs
>>>>>>>>> will take a
>>>>>>>>> couple of minutes.
>>>>>>>>>
>>>>>>>>> This is AFAICT a reasonably good way to do things, because it
>>>>>>>>> doesn't take a
>>>>>>>>> lot of time to keep your backup up to date, and restoring is as
>>>>>>>>> simple as
>>>>>>>>> mounting the backup disk and copying things over. Since there is
>>>>>>>>> only 1
>>>>>>>>> backup, though, you could delete something, make a backup, then
>>>>>>>>> realize you
>>>>>>>>> needed that thing. I have 2 backup disks and rotate them every
>>>>>>>>> few days to
>>>>>>>>> make that less likely.
>>>>>>>>>
>>>>>>>>> You could even get fancy and use dm-crypt to back up your stuff to
>>>>>>>>> an
>>>>>>>>> encrypted disk, which is useful in some situations like when you
>>>>>>>>> want to leave
>>>>>>>>> the disk somewhere that's not under your direct control like a
>>>>>>>>> friend's house.
>>>>>>>>> Using dm-crypt makes things a bit more complex, but I can write
>>>>>>>>> another
>>>>>>>>> message about that.
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Matt G / Dances With Crows
>>>>>>>>> The Crow202 Blog: http://crow202.org/wordpress/
>>>>>>>>> There is no Darkness in Eternity/But only Light too dim for us to
>>>>>>>>> see
>>>>>>>>>
>>>>>>>>> ---------------------------------------------------
>>>>>>>>> PLUG-discuss mailing list -
>>>>>>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>>>>>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>> ---------------------------------------------------
>>>>>> PLUG-discuss mailing list -
>>>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>>>>
>>>>>
>>>>> ---------------------------------------------------
>>>>> PLUG-discuss mailing list -
>>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>>>
>>>>
>>>>
>>>> ---------------------------------------------------
>>>> PLUG-discuss mailing list -
>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>>
>>>
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list -
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>
>>
>>
>
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss