22
votes
How to check if I have sudo access?
Gerald Schade's answer here, can still be improved!
Use
prompt=$(sudo -nv 2>&1)
if [ $? -eq 0 ]; then
# exit code of sudo-command is 0
echo "has_sudo__pass_set"
elif echo $prompt | grep -...
- 321
20
votes
Add a sudoer non-interactively from command line
I had a similar issue trying to get my docker container to allow jenkins scripts to use sudo commands without prompting for a password.
This was solved via the Dockerfile:
RUN echo "jenkins ALL=(ALL)...
- 261
19
votes
Accepted
Sudoers NOPASSWD for single executable but allowing others
man 5 sudoers says ("Sudoers File Format" section):
When multiple entries match for a user, they are applied in order. Where there are multiple matches, the last match is used (which is not ...
- 75.7k
18
votes
sudo command trying to search for hostname
Thanks to the linked bug report filed by Matthias Urlichs in another comment, the following command solved the issue for me:
Defaults !fqdn
Place this line in the /etc/sudoers file
- 285
16
votes
How to check if I have sudo access?
Here is the script-friendly version:
timeout 2 sudo id && echo Access granted || echo Access denied
since it won't stuck on the password input if you do not have the sudo access.
You can ...
- 25.8k
10
votes
How to repair /etc/sudoers on OSX High Sierra
There is a way out (thanks to https://astrails.com/blog/2009/09/29/how-to-fix-a-hosed-etc-sudoers-file-on-mac-osx):
be logged from an account with admin rights
in a Terminal, run open etc/ to see ...
- 201
8
votes
Why does the system have /etc/sudoers.d? How should I edit it?
Just a short addon to any general answer... none of the other answers fixed my issue, which was that order matters.
If your lines work in sudoers but not sudoers.d, try moving the #include around, or ...
- 594
8
votes
How to check if I have sudo access?
For me, 'sudo -v' and 'sudo -l' did not work in a script because sometimes interactive (asking me for a password, like mentioned above).
'sudo -n -l' did also not work, it gave the exit code '1' ...
- 303
6
votes
Accepted
linux sudoers not work on command `su`
su is not sudo... they are two separate tools with very different behaviours.
su will not be influenced by /etc/sudoers because that file is unrelated to it.
su - requires the root password, and ...
- 20.2k
6
votes
Accepted
Where is the sudoers file on Debian 10?
To be clear, the user can su without a password, so that's setup somewhere,
Somewhere else than sudoers, certainly. They are completely independent commands – su has its own logic for granting root ...
- 465k
5
votes
Can someone explain what is `<user> ALL=(ALL) NOPASSWD:ALL` does in sudoers file?
The sudoers man page describes this in great detail.
The format is;
user_spec host_spec=(runas_spec) NOPASSWD:cmd_spec
user_spec identifies which users can use the rule.
host_spec identifies which ...
- 11.2k
4
votes
Accepted
Parse error in sudoers after giving sudo access without password
echo '$USER ALL=(ALL) NOPASSWD: power_off.sh' >> /etc/sudoers.d/moss-priv
After this the file does not look fine. You need to provide the fully qualified file name (below I assume /sbin/...
- 75.7k
4
votes
sudo -l and sudo -ll output
Turns out I misinterpreted the sudo -l command. This message:
User test may run the following commands on server:
(root) NOPASSWD: /usr/bin/vim /usr/bin/motd
means that the only command that can be ...
- 161
4
votes
Why does sudoers.d ignore filenames with dots in them?
From man 5 sudoers [emphasis mine]:
The @includedir directive can be used to create a sudoers.d directory that the system package manager can drop sudoers file rules into as part of package ...
- 75.7k
3
votes
How to add myself back into sudoers in Ubuntu 14.04?
Do you know your root password? If yes, than just login using root account and fix this issue. Also you could boot single-mode and fix this issue.
If it doesn't work, then other options available. ...
- 254
3
votes
How do I fix an invalid /etc/sudoers file if root access is disabled?
After two days of research and browsing the web I have finally found a solution and been able to save my own Raspberry Pi system (not having to reformat the SD card and start from scratch)!
NOTE: ...
3
votes
Sudoers NOPASSWD for single executable but allowing others
You will often find a line like this in /etc/sudoers:
# Allow members of group sudo to execute any command
%wheel ALL=(ALL:ALL) ALL
This will allow any user that is in the "wheel" group to make ...
- 20.2k
3
votes
Accepted
Can someone explain what is `<user> ALL=(ALL) NOPASSWD:ALL` does in sudoers file?
From man sudoers
By default, sudo requires that a user authenticate him or herself
before running a command. This behavior can be modified via the
NOPASSWD tag
So users or groups are able to ...
- 366
3
votes
Sudoers: alias already defined "<garbage>"
This can happen if sudoers files are included twice, which can happen if
/etc/sudoers contains two lines with same meaning, such as:
@includedir /etc/sudoers.d
#includedir /etc/sudoers.d
Now, ...
2
votes
Perrmission to run specific command by sudo as www-data users without password
This is what I ended up doing:
Install apache2 by running sudo apt-get install apache2
Make sure apache is allowed to run cgi scripts by running sudo a2enmod cgi
Restart apache sudo service apache2 ...
- 879
2
votes
allow sudo user to execute multiple commands for only ONE file
this works or me:
Cmnd_Alias VIEW = /bin/cat /var/log/messages, /bin/head /var/log/messages, /bin/tail /var/log/messages, /bin/tailf /var/log/messages
luser ALL=NOPASSWD: VIEW
or
luser ALL=VIEW
- 201
2
votes
Add a sudoer non-interactively from command line
A more modern method, given the age of this post, is to place a per-user file in /etc/sudoers.d/ or the appropriate similar location for whatever OS is at reference. So long as your sudoers file ...
- 879
2
votes
Add a sudoer non-interactively from command line
Here's how I setup a non-root user with the base image of ubuntu:18.04:
RUN \
groupadd -g 999 foo && useradd -u 999 -g foo -G sudo -m -s /bin/bash foo && \
sed -i /etc/sudoers ...
- 133
2
votes
'user is not in the sudoers file' but actually is
I pulled down the source code for sudo and it appears that the way this could happen is if your sudo is configured to use LDAP or SSSD methods to determine permissions. If either of those is available,...
- 211
2
votes
Accepted
What is the different between giving user root privileges and adding it to root's group
CentOS seems to work slightly differently[1] from other Linux flavours.
By the way, in general
With # usermod -aG wheel myuser you are adding myuser to the group of wheel [2], the CentOS equivalent ...
- 19.1k
2
votes
Accepted
How do I add to sudoers.d from a custom rpm
This is probably because in the %files section you have something like this:
%files
/etc/sudoers.d/
This makes your package not only include the files in /etc/sudoers.d; but also the directory ...
- 606
2
votes
Sudo doesn't work: "/etc/sudoers is owned by uid 1005, should be 0" - Ubuntu
On Google Cloud Platform you can use Startup Scripts to run commands as root on startup. So you can add something similar to chown 0 /etc/sudoers to your current script and restart your VM.
And you ...
- 254
2
votes
sudo -u <user> <cmd> vs sudoedit
Linux admin A's plan is a bit more restrictive, and forces you to think a bit about what commands and files require such access. The result will be a bunch of permitted commands and documentation ...
- 16k
2
votes
Why is root sometimes not in the sudoers file, by default or convention?
There are two 'standard' versions of /etc/sudoers used by Linux distros. One follows the principle of least privilege, and does not by default include the line you mentioned. The other prefers ...
- 9,891
2
votes
Accepted
grant access to a command only for certain arguments (chown for a path)
Yes, you can use wildcards:
jenkins ALL=(ALL) NOPASSWD: /bin/chown -R apache:apache /var/www/vhosts/*
Though it's probably safer from a security perspective to write your own script so that you can ...
- 520
Only top scored, non community-wiki answers of a minimum length are eligible