sudoers mistake

Michael Havens bmike1 at gmail.com
Fri Jul 5 21:07:29 MST 2013


/etc/group
...
floppy:x:25:
tape:x:26:
sudo:x:27:bmike1 <-relevant line
audio:x:29:pulse
dip:x:30:bmike1
/etc/sudoers
...
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL
<-relevant line

# See sudoers(5) for more information on "#include" directives:

Isn't the line that is commented out supposed to be that way,,,, wait a
second! If I remember correctly the '%' is a comment symbol too. (if I
rember right I was messing with a file that used % signs to comment out
lines. I'll try removing it and see what happens.
,....
Well I uncomented it and now the error is:

$ sudo visudo
bmike1 is not in the sudoers file.  This incident will be reported. (I'm
terrified! lol)

So to me this is saying to put the line:

bmike1   ALL=(ALL:ALL) ALL

under the line:

sudo   ALL=(ALL:ALL) ALL

so it looks like:

# Allow members of group sudo to execute any command
sudo   ALL=(ALL:ALL) ALL                                         <-relevant
line
bmike1   ALL=(ALL:ALL) ALL
<-relevant line


but you were saying I should just need to add my userid to the group sudo
(which, as shown, is already done). So I am at a loss! What should I do.

Also, would someone explain the difference between usin a pound symbol and
a percent when commenting lines.

:-)~MIKE~(-:


On Fri, Jul 5, 2013 at 7:51 PM, James Dugger <james.dugger at gmail.com> wrote:

> Mike,
>
> Don't know if it was explained above but the % symbol infront of the names
> in the sudo file is the reference for a group listed in the /etc/group
> file.  So the line
>
> %sudo ALL=(ALL:ALL) NOPASSWORD : ALL
>
> When uncommented (remove the # in front if it exists) tells Linux to allow
> anyone in the sudo group access to ALL commands as root without a password.
>  All you have to do is make sure this line is uncommented using visudo.
>
> Then you would edit the /etc/group and add your username to the 'sudo'
> group line after the ':' on that line.  If there is already another user
> listed simply add a comma to the end of the previous name then a space and
> add your username at the end (without a comma after your username).
>
> Caution:  This gives any and all users that are part of the sudo group
> complete root privileges without password requirements.  If this is an
> issue you can depending on your distro instead use the %wheel group listing
> in the sudo file. If the %wheel stanza exists (same as the %sudo ...
> above) and there is a group named wheel in /etc/group you could use this in
> lieu of %sudo.
>
> Hope this helps.
>
>
> On Fri, Jul 5, 2013 at 12:38 PM, Robert Holtzman <holtzm at cox.net> wrote:
>
>> On Thu, Jul 04, 2013 at 04:48:42PM -0700, Michael Havens wrote:
>> > regardless, how do I fix sudoers?
>>
>> By deleting the sudoers file and renaming the sudoers.bak file to
>> sudoers. Uh, you *did* make a backup of the sudoers file...didn't you?
>>
>> --
>> Bob Holtzman
>> If you think you're getting free lunch,
>> check the price of the beer.
>> Key ID: 8D549279
>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.10 (GNU/Linux)
>>
>> iEYEARECAAYFAlHXIKEACgkQv5BYD41UknldegCfT3gS7Xi65I3B50S0QtO+cqR6
>> bigAnRZbTvl8BpOJsRBbqm4r7qRq5zbl
>> =DWfp
>> -----END PGP SIGNATURE-----
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>
>
>
> --
> James
>
> *Linkedin <http://www.linkedin.com/pub/james-h-dugger/15/64b/74a/>*
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20130705/e9740482/attachment.html>


More information about the PLUG-discuss mailing list