Re: sudo a user without password

[Jozsi Avadkan <jozsi.avadkan@gmail.com>]

wow, thanks for the quick answer! :)

but it still doesn't work. i'm pretty sure, that i'm missing something:

##############################

$ whoami
someone
$ sudo -u dude-user wine "/home/dude-user/.wine/drive_c/Program
Files/Dude/dude.exe"

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for someone: 
someone is not allowed to run sudo on localhost.  This incident will be
reported.
$





##############################
the next try [like in the "Dude.desktop" file]: it prompts [GUI], that
it needs the password for the dude-user:
##############################

$ whoami
someone
$ gksu -u dude-user wine "/home/dude-user/.wine/drive_c/Program
Files/Dude/dude.exe"

##############################


I tried these: http://pastebin.com/raw.php?i=fHbh4VpS




> Hi!
> 
> On Sun, Jun 27, 2010 at 08:54:53AM +0200, Jozsi Avadkan wrote:
> > Hi
> > 
> > On a Desktop machine, running Debian Lenny [GNOME], i just want to put
> > a .desktop icon on the desktop, so that i can easy launch apps with
> > other users [e.g. not so trusted programs..maybe this way i could get a
> > little more secure.. :) ].
> > 
> > #########################################
> > $ cat Dude.desktop
> > [Desktop Entry]
> > Version=1.0
> > Encoding=UTF-8
> > Name=Dude
> > Type=Application
> > Terminal=false
> > Icon=gnome-mines
> > Exec=gksu -u dude-user wine "/home/dude-user/.wine/drive_c/Program
> > Files/Dude/dude.exe"
> > GenericName=Dude
> > #########################################
> > 
> > But every time [in a new session] i want to launch "Dude" with wine,
> > with another user...i have to type in his password.
> > 
> > -The question-
> > How can i set the sudoers file, so that it doesnt prompt for a password?
> > 
> > E.g.: I have a user named "someone".
> > On the "someone" users Desktop, I have the "Dude.desktop" file.
> > The Dude user [who has this program installed] is "dude-user"
> > 
> > I already tried [with visudo]:
> > 
> > someone    dude-user=(ALL) ALL
> > 
> > but it don't seems to work [still need password when launching
> > "Dude.desktop"]. Is there any way [I have to log out or something?]?
> 
> changes to /etc/sudoers take effect immediately, so logging off/on
> will have no effect.
> 
> But your existing entry in /etc/sudoers is slightly off: It allows
> "someone" (who is a member of the dude-user group) to execute all
> commands as all users.  I suspect that this is not exactly what you
> wanted.
> 
> try:
> 
> someone	   %=(dude-user) NOPASSWD: ALL
> 
> which should allow "someone" (regardless of what group they are
> members of) to execute all commands (as dude-user) without having to
> enter a password.
> 
> You should be able to tighten this to:
> someone	   %=(dude-user) NOPASSWD: /path/to/wine
> 
> and possibly even further to restrict what parameters they can pass to
> wine. But I'm not sure how to represent this in sudo, as the wine
> command line has spaces in it...
> 
> Hope this helps
> -- 
> Karl E. Jorgensen
> IT Operations Manager
> 
>