Skip to main content

Questions tagged [sudo]

sudo is a tool which allows users to run commands as another user (usually the root user)

Filter by
Sorted by
Tagged with
0 votes
2 answers
128 views

Managing passwords of many remote servers

I routinely login to many remote servers through SSH. I use a public/private SSH key to login without having to enter my password (https://linuxize.com/post/how-to-setup-passwordless-ssh-login/). ...
a06e's user avatar
  • 395
0 votes
0 answers
8 views

Why is FreeIPA HBAC rule not enforced for sudo

Using FreeIPA on RHEL 9, I have both sudo rules configured and an HBAC rule. The HBAC rules are there to disable all access to certain accounts on some machines. I can test those with, e.g.: ipa ...
okapi's user avatar
  • 152
0 votes
0 answers
35 views

Graphical Switchuser with Netnamespaces in Wayland

I'm using 2 user accounts in different Netnamespaces like described in: https://www.redhat.com/sysadmin/use-net-namespace-vpn The graphical output works on Xorg but refuses to provide a display on ...
musv76's user avatar
  • 1
0 votes
0 answers
297 views

Ansible: become from a passwordless user

I have a user with no password, and want Ansible to use sudo from that user, without adding NOPASSWD to the sudoers file. Ansible complains with: FAILED! => {"msg": "Missing sudo ...
Fadeway's user avatar
  • 123
0 votes
0 answers
128 views

How to safely fix and migrate pip3 packages installed and run using sudo/root/local users to a safe pip3 virtual environment (venv)?

I am running an Ubuntu 22.04 Lemp Server, and I'm not sure I fully understand pip3 and how it works. When installing certain python3-pip packages, some of them required being installed and run as root ...
DanRan's user avatar
  • 93
2 votes
2 answers
117 views

Allow sudo to ALL users for a particular command

I want to allow all the users on a system to mount a disk named with users name. At the same time I do not want to allow user A to be able to mount the disk of user B. my disk name will be available ...
Raviraj's user avatar
  • 21
0 votes
0 answers
94 views

How can I see and logout active Remote Connection (RDP) in a Ubuntu server?

I have tried: who -H But I can see only my self, even though I have connected with another account using RDP, ideally I would like to be able to see and logout a user that sees only a black screen.
G M's user avatar
  • 105
0 votes
1 answer
110 views

How do you allow user_t SELinux users the ability to use sudo

I've got three classes of user that I have assigned to staff_t, user_t and guest_t. However the default permissions of these user types don't exactly correspond to what I need. It seemed easier to use ...
okapi's user avatar
  • 152
0 votes
1 answer
59 views

Why can I connect to the docker daemon with sudo, but not root?

Consider the following sequence of commands. When I try to connect to the docker daemon as a regular user, or root, I can't. When I use sudo (both as a regular user and root) I can. Why is this? [john@...
ThatDataGuy's user avatar
0 votes
0 answers
84 views

Need to enable restart button on GUI Ubuntu Server 22.04 + XFCE4 + sddm

Currently I have 2 users: root and gigi. gigi is not sudoer and cannot be, BUT, needs to have the possibility to reboot the server through 2 ways. 1º -> through terminal. I edited visudo and now I ...
ninjaspeed's user avatar
0 votes
1 answer
72 views

Need help managing per-machine per-user sudo permissions in a research network environment using saz-sudo and Hiera with Puppet

Currently our Puppet server has an /etc/sudoers file defined with the permissions for every user on every machine in our network. This file is distributed equally to every host to provide permissions. ...
Jamie King's user avatar
0 votes
1 answer
119 views

su: failed to execute 1 sudo dpkg-reconfigure locales: No such file or directory

I was configuring a linux server and after an apt upgrade this message came up whenever I try to change the user to root. If I do sudo su -, su -, sudo -i I cannot change user because it says that su: ...
nect's user avatar
  • 1
0 votes
1 answer
260 views

After run sudo and/or su or su - command, the command prompt not loaded, however the switch user is successful

I saw a maybe similar thread but not sure there the issue is the same: su command not responding? I have an Ubuntu 20.04 LTS baremetal server. After run sudo and/or su or su - command, the command ...
Badb0y's user avatar
  • 115
0 votes
1 answer
182 views

How to start a sudo-privilage program with screen so that I can re-attach to it later?

Here's the problem I face: I have a program that must run as root. I want that to run in a screen, but here's a twist: for admin reasons, I want to be able to re-attach to it. I'm writing a dirty and ...
CptZsolt's user avatar
0 votes
1 answer
114 views

get user with crontab root

I run myscript.sh scheduled in the root crontab and I need it to detect the non-root user (with which the system starts). I have tried these variants: local_user=${who -m | awk '{print $1;}'} ...
acgbox's user avatar
  • 398
1 vote
1 answer
524 views

sudo with Kerberos credentials

We are on Oracle Linux 7.9, which is part of a Kerberos realm. I would like account foo to be able to execute (without any password) one command as account bar with Kerberos credentials of bar ...
Peter G. Horvath's user avatar
0 votes
1 answer
405 views

is /etc/sudoers writable or not

The default permission in /etc/sudoers file is readonly for root and group root as in picture is obvious : So when you open it with any test editor it can't be written and give error read only. now ...
Salar's user avatar
  • 174
0 votes
0 answers
277 views

Sudo validates command line arguments via regular expression incorrectly

Let's say we have two users: alex and alexa. We want to allow alex to execute htop as root in order to see disk usage stats, but we do not want them to see other users' processes which root can do. ...
Genken's user avatar
  • 1
0 votes
2 answers
1k views

can not sudo to root in Ubuntu instance

I have an error when i want to become root ╭─saviam@server ~ ╰─$ sudo -i ...
nightWolf's user avatar
  • 118
0 votes
1 answer
3k views

Setup A Program to Run At Startup As A Specified User On Linux

I have a server running Debian 12 that does not have root access enabled as recommended by many. I do have an another user admin privileged account on the server. I have a program that does not come ...
Somekindofnick's user avatar
1 vote
1 answer
149 views

sudo file in sudoers - why user can modify file?

I want to allow one user to run specialscript.sh as root so in his folder i created -rwxr---- 1 root deployers 142 Jul 16 14:07 specialscript.sh and in sudoers.d/specialscripts: user123 ALL=(...
SledgehammerPL's user avatar
-2 votes
1 answer
146 views

Sudo user running app: can it be elevated to be root by app?

Sudo user running app: can it be elevated to be root by app? e.g., user "user_xyz" is a regular user in sudo group. sudo command Does not require password. If the user run an app, can the ...
eastwater's user avatar
  • 109
2 votes
1 answer
1k views

Privilege escalation prevent root directly

I think this is going to be my first post on StackExchange side of the house. However, I know that this has to be able to be configured cause I have seen it implemented previously but I don't actually ...
Maxs728's user avatar
  • 121
0 votes
1 answer
2k views

Sudoers NOPASSWD not working for specified commands

I have the following entries in the sudoers file: christian ALL=(root)NOPASSWD: /usr/sbin/shutdown christian ALL=(root)NOPASSWD: /usr/bin/systemctl start mc When running sudo shutdown -h now or sudo ...
Apollo's user avatar
  • 113
2 votes
1 answer
1k views

Is sudo -u username command the same as doing sudo -i -u username then command?

Is a terminal prompt sudo -u username command same as doing sudo -i -u username then command in the next line? If no, what is the differences? What are the use cases when doing the first is better or ...
joyoy's user avatar
  • 21
0 votes
1 answer
1k views

Nsswitch - sudoers sss vs ldap what am I missing

I'm trying to configure nsswitch to use sudoers: files sss which is default for rhel9 system, however this does not work for me, but the following sudoers: files ldap does indeed work. What am I ...
N. J's user avatar
  • 125
0 votes
1 answer
891 views

Apache Authentication - Find out user password

My field of expertise is far away from server management but I am currently covering for a former collegue of mine, so I apologize in advance if my question doesn't make sense. I have to restart an ...
Mariya Mihaylova's user avatar
0 votes
1 answer
286 views

i am root but ufw status says 'command not found'

as simple user, first I pass root with command : su I am now root on Debian 10 buster. When I hit ufw status, I have 'command not found'. But it works with sudo ufw status When I use su -, the command ...
rach's user avatar
  • 1
0 votes
1 answer
2k views

Sudo privileges limited to a specific group of users

I'm configuring our new Ubuntu 22.04 VPS to host our react app and REST API. I followed this tuto that seems relatively advanced and complete : https://gofoss.net/server-hardening-advanced/ I'm ...
Emmanuel FRANCOIS's user avatar
0 votes
1 answer
237 views

Getting command not found using sudo, but not for running command as root without sudo

wierd issue where if you use sudo command for certain commands it is not found. But runnning it as root user WITHOUT sudo does work root@ip-172-31-43-153:/home/ubuntu# sudo xfs_growfs -d / sudo: ...
user2958456's user avatar
1 vote
1 answer
63 views

Selective EXEC with LDAP-based sudo

I'm trying to translate this sudoers file into LDAP: Defaults env_reset, env_keep="LESSSECURE SSH_CLIENT", !authenticate, noexec, requiretty, secure_path=/usr/local/bin:/usr/bin:/usr/sbin ...
miken32's user avatar
  • 974
0 votes
1 answer
564 views

Why create a new user with sudo privilege when you are the only person manage the server?

Please share some true use cases of benefits when you are the only admin of manage VPSs, I'm just hosted my first WordPress site. A lot of guide I read online suggests creating a new user after update ...
Maxfield's user avatar
  • 103
0 votes
1 answer
45 views

Sudo: Using arguments in /etc/sudoers.d/ file, particularly with mount (visudo rejects syntax)

I have a syntax wrangling problem with sudo that may not be solvable. I know I know, OpenBSD's new doas is better than sudo, but it is not available on CentOS 7 or Rocky 8. So we're stuck with sudo ...
ping-me's user avatar
1 vote
0 answers
2k views

'user ... is not allowed to execute .... as root on ... ' - even with SUDO privileges but not sure why?

I am in the processing of installing singularity using the terminal on my Linux Mint computer (Ubuntu). I have the following command: sudo apt-get update The computer then asks me to enter my ...
Caledonian26's user avatar
1 vote
4 answers
6k views

Execute root commands through ssh user

my goal is to execute commands as root user from another linux host through ssh. The Problem is: The environment doesnt allow to access the root user directly. The manual way, which works, is to ...
Troubadix's user avatar
0 votes
1 answer
182 views

sudoers with other user and colon ":" char

I require a sudoers to be able to execute following command sudo -u myAppUser /opt/myapp/bin/myapp.Console.pl Admin::User::Add <some optional parameters> I've created a group myAppExecGroup and ...
cilap's user avatar
  • 277
1 vote
1 answer
2k views

Ubuntu 22 server slow to login and execute sudo

On several servers running Ubuntu-server 22 we have the problems that some commands take a very long time to execute. These commands include ssh login as well as sudo commands. Everything not evolving ...
Carsten's user avatar
  • 11
1 vote
0 answers
97 views

Can't find font as regular user

As a root, I can run gvim with my font selected as 'Ubuntu mono 14' and have everything work correctly. But as a regular user using the exact same config file selecting the exact same font, I get this:...
ivanlan's user avatar
  • 111
3 votes
3 answers
1k views

Administrative access to a server via SSH key

Is it a good idea to set the SSH key directly for the root user for administrative access to a server? Or is it better to use another user for SSH access via SSH key, followed by sudo command? Is the ...
phanaz's user avatar
  • 472
2 votes
1 answer
3k views

Running Shell Script without a Password Prompt

I have a shell script that runs on a freebsd OS. the script has some commands that needs the sudo privileges Im excuting the script remotley and it's skipping the sudo commands i tried the following : ...
ossama assaghir's user avatar
2 votes
1 answer
1k views

Allow users to use -D (--chdir) option with sudo

I want to make user bob able to use the -D option in sudo (like sudo -D /home bash which would open a root shell on /home). How can I do this and what are the security implications to this?
luihum's user avatar
  • 23
2 votes
1 answer
995 views

How to run a command as systemd DynamicUser

I am setting up a daemon for a web service and I want to use the systemd DynamicUser=yes feature because it seems cleaner not pollute the user table with a different user for each service. As is ...
cmc's user avatar
  • 707
0 votes
1 answer
956 views

Sudo: How can I exlude one specific command line argument from sudo

There is a command (say: mycommand) that we want to add to sudo for all users, but there is one specific command line option -i that we want to exclude. Complicating factor is that command line ...
Kees C's user avatar
  • 1
0 votes
1 answer
2k views

Can you access VM instance in Google Cloud without being root?

I'm trying to access GCP VM instance but I messed it up and now I'm getting this error: sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set but I don't have the root password. Is ...
Allen Chen's user avatar
9 votes
1 answer
2k views

Is it possible to lock sudo from the command line, without editing sudoers or logging out and back in?

When you run sudo it won't ask a password for at least 5 minutes after you last ran it. You can change this timeout by adding Defaults timestamp_timeout=0 to sudoers with sudo visudo. This also ...
Dagelf's user avatar
  • 643
0 votes
2 answers
316 views

Linux bash way for unprivileged user to take ownership of contents of only one particular directory?

I want a particular user to recursively change owner and group of all the contents of a particular directory, and only that directory. The directory is a kind of "inbox", where a service ...
Charlweed's user avatar
  • 249
1 vote
2 answers
469 views

How do I run sudo commands with a system user?

I want to run a minecraft server in Docker, so I started following this guide. In the guide, it is advised to create a system user with a home directory (/opt/minecraft), but without a password (you ...
Mr Baloon's user avatar
  • 111
0 votes
1 answer
233 views

DEBIAN 10 apt-get, sudo issues

I'm currently facing some issues with my dedicated server. I unfortunately removed some packages from my server yesterday. And now the man-db on my server seems not to work properly. This issue maybe ...
Kuezy's user avatar
  • 13
20 votes
9 answers
8k views

root login or sudo user for server administration?

I'm trying to understand the technical arguments/security implications between ssh'ing with root directly, or making an auxiliary sudo user in the context of maintaining a server. To clarify, we're ...
alex.b.bg's user avatar
  • 153
0 votes
1 answer
1k views

Problems sudoing using a host connected to Active Directory (sssd, kerberos local sudoers file)

I am configuring Active Directory authentication for an Alma 8 box using SSSD, Kerberos, and initial SSH key for log in stored in an Active Directory object, and a local sudoers file that lists groups ...
motorleague's user avatar

1
2 3 4 5
19