[Bug 996753] Re: entry in sudoers to execute a script without password prompt as root has no effect since 12.04
Pascal Levasseur
996753 at bugs.launchpad.net
Tue May 29 15:35:22 UTC 2012
Hello Marc,
I am following your advices.
1)
Test with Ubuntu 12.04.
Last line in /etc/sudoers :
%admin ALL=(ALL) NOPASSWD: /sbin/shutdown
Command at the shell prompt :
sudo -k
sudo shutdown -r 20
Content of the auth.log file :
May 29 16:58:26 vortex sudo: pascal : TTY=pts/0 ; PWD=/home/pascal ; USER=root ; COMMAND=/sbin/shutdown -r 20
May 29 16:58:26 vortex sudo: pam_unix(sudo:session): session opened for user root by pascal(uid=1000)
May 29 16:58:28 vortex sudo: pam_unix(sudo:session): session closed for user root
The command execute without asking for a password .... Good !
2)
Test with Ubuntu 12.04.
Last line in /etc/sudoers :
pascal vortex = NOPASSWD: /sbin/shutdown
Command at the shell prompt :
sudo -k
sudo shutdown -r 20
Content of the auth.log file :
May 29 17:10:59 vortex sudo: pascal : TTY=pts/0 ; PWD=/home/pascal ;
USER=root ; COMMAND=/sbin/shutdown -r 20
The command execute without asking for a password .... Better !
3)
Test with Ubuntu 12.04.
Last line in /etc/sudoers :
pascal vortex = NOPASSWD: /sbin/shutdown, /usr/bin/cpufreq-set
Commands in the cron script :
#!/bin/bash
sudo /usr/bin/cpufreq-set --cpu 0 --governor powersave
sudo /usr/bin/cpufreq-set --cpu 1 --governor powersave
Content of the auth.log file :
May 29 17:25:01 vortex CRON[11913]: pam_unix(cron:session): session opened for user pascal by (uid=0)
May 29 17:25:01 vortex CRON[11912]: pam_unix(cron:session): session opened for user root by (uid=0)
May 29 17:25:01 vortex CRON[11912]: pam_unix(cron:session): session closed for user root
May 29 17:25:01 vortex sudo: pascal : TTY=unknown ; PWD=/home/pascal ; USER=root ; COMMAND=/usr/bin/cpufreq-set --cpu 0 --governor powersave
May 29 17:25:01 vortex sudo: pam_unix(sudo:session): session opened for user root by (uid=1000)
May 29 17:25:01 vortex sudo: pam_unix(sudo:session): session closed for user root
May 29 17:25:01 vortex sudo: pascal : TTY=unknown ; PWD=/home/pascal ; USER=root ; COMMAND=/usr/bin/cpufreq-set --cpu 1 --governor powersave
May 29 17:25:01 vortex sudo: pam_unix(sudo:session): session opened for user root by (uid=1000)
May 29 17:25:01 vortex sudo: pam_unix(sudo:session): session closed for user root
May 29 17:25:01 vortex CRON[11913]: pam_unix(cron:session): session closed for user pascal
The cron script was executed perfectly.
So the answer to our complain is :
"For Ubuntu 12.04 the rules must be entered at the end of the
/etc/sudoers file"
Thank's for your help.
Now, the question is : "Why, in Ubuntu 12.04, the rules must be entered
at the end of the /etc/sudoers file ?"
Is it a feature or a bug ????
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/996753
Title:
entry in sudoers to execute a script without password prompt as root
has no effect since 12.04
Status in “sudo” package in Ubuntu:
Incomplete
Bug description:
Since many ubuntu releases I execute a script in /usr/local/bin with
sudo without password prompt in this way:
/etc/sudoers:
...
%admin ALL = (ALL) ALL
%admin ALL = NOPASSWD: /usr/local/bin/script
...
Since Kubuntu 12.04 this entry has no effect any more. It is not
possible to execute /usr/local/bin/script as root without password
prompt.
I have try this entrys too for username at maschine
%username ALL = NOPASSWD: /usr/local/bin/script
username ALL = NOPASSWD: /usr/local/bin/script
%username maschine = NOPASSWD: /usr/local/bin/script
username maschine = NOPASSWD: /usr/local/bin/script
username ALL = (root) NOPASSWD: /usr/local/bin/script
So I think thers is a bug, because nothing works.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/996753/+subscriptions
More information about the foundations-bugs
mailing list