[SOLVED]Help with sudoers file?

generic_ · 2009-06-11 01:33:14

I haveing alot of trouble with my sudoers file. I would like to run the utility rkhunter as a cron job. But it must be run as root. So i wont to give myself the privledge to use it without a passwd. But when i us the line "%wheel ALL=(ALL) NOPASSWD: /usr/bin/rkhunter" it does not work. Out of curiosity i put the ALL parameter and that did not work either o,0 Either something has gone very wrong or Im in need of a lesson in sudo'ing. Can someone help? btw i looked at tutorials on the web and from what i can see im doing everything right. and before you suggest i checked that rkhunter is in /usr/bin/. here is my sudoers file.

EDIT: removed the comment in the first line i did not have that there when i ran it.

# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
# Failure to use 'visudo' may result in syntax or file permission errors
# that prevent sudo from running.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification
# User alias specification

# Cmnd alias specification

# Defaults specification

# Runas alias specification

# User privilege specification
root    ALL=(ALL) ALL
generic ALL=(ALL) ALL
# Uncomment to allow people in group wheel to run all commands
# %wheel    ALL=(ALL) ALL

# Same thing without a password
#%wheel ALL=(ALL) NOPASSWD: ALL

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now

Last edited by generic_ (2009-06-11 13:38:41)

Xyne · 2009-06-11 01:39:57

generic_ wrote:

But when i us the line "#%wheel ALL=(ALL) NOPASSWD: /usr/bin/rkhunter" it does not work.

Unless you made the same typo 3 times, you need to remove "#" from the corresponding lines.

generic_ · 2009-06-11 03:25:38

No i did not make a typo i commented the line when it did not work just in case. Thats not really a safe thing to have sitting around. I had it uncommented when I originally tried it both times.

Xyne · 2009-06-11 09:31:11

I only asked because you had included the hash symbol in the quoted line.

Anyway, try this:

%wheel ALL=NOPASSWD: /usr/bin/rkhunter

If it needs to be run as root, why don't you just add it to root's crontab or create a script in /etc/cron.{hourly,daily,etc}? Why do you need to run it with sudo?

.:B:. · 2009-06-11 11:02:53

Are you sure rkhunter is in /usr/bin and not /usr/sbin, for that matter?

I can't check, no Linux systems within reach ATM.

generic_ · 2009-06-11 11:22:17

rkhunter is not is /usr/sbin i checked specifically for that before i tried doing it in sudo. Its output is

bash:/usr/bin/rkhunter: Permission Denied

I tried your suggestion xyne with no luck. I double checked and im in the wheel group. The problem is, it is important I see the output the of rkhunter, if i didn't it would be pointless, and annoying to check the log. Also rkhunter has breaks in its output that require me to press enter to continue. So it will never finish if i dont see it. My plan is to have pop up in a terminal in front of me do its job, finish, and thats it. I was thinking I can use a simple shell script with the command. "urxvt -e rkhunter -c" Then run that shell script as a cron job. Can I get the results I want in the root crontab? Im also new to cron as well. Ive been using linux for while and I have little experience with both of these programs. Its time to learn them.

Thanks for your effort so though,

Last edited by generic_ (2009-06-11 11:35:41)

klixon · 2009-06-11 12:02:53

Can you post the sudoers file that doesn't work, excactly as you're trying to use it?
Thing to keep in mind: NOPASSWD lines always have to come last, or the will be overruled by following lines that don't have "NOPASSWD" in them

PS: You did relog after changing the file?

ataraxia · 2009-06-11 13:12:08

Just a sanity check, you actually ran "sudo /usr/bin/rkhunter", right? You have to run your app inside sudo to get any sudo rights to be active.

generic_ · 2009-06-11 13:37:51

@ataraxia: Thankyou!! When i type in the full path with sudo it works! But for some reason if I type sudo rkhunter it does not? Anyway problem solved for now!! Thanks again this was buggin me!

ataraxia · 2009-06-11 14:35:42

sudo doesn't interpret the meaning of the things you configure it to do. (That is, it doesn't know or care that your path will find /usr/bin/rkhunter when you type "rkhunter".) It allows you to run exactly what it says in the sudoers file, typed literally. (There are some wildcards available, but that's beyond this case.)

brisbin33 · 2009-06-11 14:44:53

as an outsider coming into this late... wouldn't it've been much simpler to just add the rkhunter to root's crontab?

Xyne · 2009-06-11 15:14:52

brisbin33 wrote:

as an outsider coming into this late... wouldn't it've been much simpler to just add the rkhunter to root's crontab?

Scroll up a bit to find the answer to that question (which I also asked).

Arch Linux

#1 2009-06-11 01:33:14

[SOLVED]Help with sudoers file?

#2 2009-06-11 01:39:57

Re: [SOLVED]Help with sudoers file?

#3 2009-06-11 03:25:38

Re: [SOLVED]Help with sudoers file?

#4 2009-06-11 09:31:11

Re: [SOLVED]Help with sudoers file?

#5 2009-06-11 11:02:53

Re: [SOLVED]Help with sudoers file?

#6 2009-06-11 11:22:17

Re: [SOLVED]Help with sudoers file?

#7 2009-06-11 12:02:53

Re: [SOLVED]Help with sudoers file?

#8 2009-06-11 13:12:08

Re: [SOLVED]Help with sudoers file?

#9 2009-06-11 13:37:51

Re: [SOLVED]Help with sudoers file?

#10 2009-06-11 14:35:42

Re: [SOLVED]Help with sudoers file?

#11 2009-06-11 14:44:53

Re: [SOLVED]Help with sudoers file?

#12 2009-06-11 15:14:52

Re: [SOLVED]Help with sudoers file?

Board footer