Re: sudo doesn't ask for passwd
hi
Ship's Log, Lt. D'jinnie, Stardate 051298.1329:
>
> Ok, I suspect this comment is going to brand me as permanently clueless,
> but...debian has some thing where you can authorize your users to su
> without supplying a password.
that's for example secure-su which I used to have installed
Desired=Unknown/Install/Remove/Purge
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name Version Description
+++-===============-==============-============================================
rc secure-su 980403-0.3 su with more security options
however /etc/suauth looks still ok:
# /etc/suauth - secure-su control file. See suauth(5) for full documentation.
# Uncommenting this line will only allow members of group root to su to root.
root:ALL EXCEPT GROUP sudo:DENY
root:GROUP sudo:OWNPASS
it schould still ask me for my own passwd
> Since sudo -s seems to be rather analogous
> to that, i.e. it runs a root shell for you, could this configuration
> somehow work for both su and sudo? What happens when you try to su?
As I skipet back to normal su (suspeckting secure-su) it now asks me for the
root passwd as su is ment to be :)
But anyway, I cannot find anything weired going on
I did a su -c 'strace sudo -s' 2>sudo.trace
grep etc sudo.trace show this:
open("/etc/ld.so.preload", O_RDONLY) = 3
open("/etc/ld.so.cache", O_RDONLY) = 3
open("/etc/nsswitch.conf", O_RDONLY) = 3
read(3, "# /etc/nsswitch.conf\n#\n# Examp"..., 4096) = 406
open("/etc/ld.so.cache", O_RDONLY) = 3
open("/etc/passwd", O_RDONLY) = 3
open("/etc/shadow", O_RDONLY) = 3
open("/etc/localtime", O_RDONLY) = 3
open("/etc/resolv.conf", O_RDONLY) = 3
open("/etc/hosts", O_RDONLY) = 3
lstat("/etc/sudoers", {st_mode=S_IFREG|0440, st_size=302, ...}) = 0
lstat("/etc/sudoers", {st_mode=S_IFREG|0440, st_size=302, ...}) = 0
open("/etc/sudoers", O_RDONLY) = 4
open("/etc/group", O_RDONLY) = 5
open("/etc/group", O_RDONLY) = 5
open("/etc/group", O_RDONLY) = 4
open("/etc/passwd", O_RDONLY) = 4
open("/etc/ld.so.preload", O_RDONLY) = 4
open("/etc/ld.so.cache", O_RDONLY) = 4
open("/etc/nsswitch.conf", O_RDONLY) = 4
read(4, "# /etc/nsswitch.conf\n#\n# Examp"..., 4096) = 406
open("/etc/ld.so.cache", O_RDONLY) = 4
open("/etc/passwd", O_RDONLY) = 4
open("/etc/terminfo/s/screen", O_RDONLY) = 4
stat("/etc/inputrc", {st_mode=S_IFREG|0644, st_size=315, ...}) = 0
open("/etc/inputrc", O_RDONLY) = 4
read(4, "# /etc/inputrc - global inputrc "..., 315) = 315
nothing bad as far as I can tell.
grep var sudo.trace shows (among other) this:
lstat("../../var", {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0
stat("/var", {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0
stat("/var/run", {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0
stat("/var/run/sudo", {st_mode=S_IFDIR|0700, st_size=1024, ...}) = 0
stat("/var/run/sudo/root", 0xbffff3c0) = -1 ENOENT (No such file or directory)
utime("/var/run/sudo/root", NULL) = -1 ENOENT (No such file or directory)
open("/var/run/sudo/root", O_WRONLY|O_CREAT|O_TRUNC, 0600) = 4
timestamp does not exist and is therefor created ...
/me joins the cluless party and aplies to be president ...
Greetings
--
Alexander N. Benner <*> Nikodemus@innocent.com <*> Ephesians 6:12
For we wrestle not against flesh and blood, but against
principalities, against powers, against the rulers of the
darkness of this world, against spiritual wickedness in high places.
Reply to: