[Bug 996753] Re: entry in sudoers to execute a script without password prompt as root has no effect since 12.04

[Pascal Levasseur]

Thanks Marc for pinpointing the documentation... RTFM ...

The explaination of the difference of behavior between 11.10 and 12.04
may be explained by the differences in the original /etc/sudoers files
:

Ubuntu 11.10 version :

# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#

Defaults        env_reset

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL) ALL

# Uncomment to allow members of group sudo to not need a password
# (Note that later entries override this, so you might need to move
# it further down)
# %sudo ALL=NOPASSWD: ALL


Ubuntu 12.04 :

#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults        env_reset
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d


There is only a README file un the /etc/sudoers.d directory.


For sure, in the 12.04 version of the /etc/sudoers file these 2 new
lines must have an impact on the behavior of sudo :

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL


>From now I will carefully watch the content of the /etc/sudoers file in the next version and updates of Ubuntu !!

Thanks again.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/996753

Title:
  entry in sudoers to execute a script without password prompt as root
  has no effect since 12.04

Status in “sudo” package in Ubuntu:
  Invalid

Bug description:
  Since many ubuntu releases I execute a script in /usr/local/bin with
  sudo without password prompt in this way:

  /etc/sudoers:
  ...

  %admin ALL = (ALL) ALL
  %admin ALL = NOPASSWD: /usr/local/bin/script

  ...

  Since Kubuntu 12.04 this entry has no effect any more. It is not
  possible to execute /usr/local/bin/script as root without password
  prompt.

  I have try this entrys too for username at maschine

  %username ALL = NOPASSWD: /usr/local/bin/script

  username ALL = NOPASSWD: /usr/local/bin/script

  %username maschine = NOPASSWD: /usr/local/bin/script

  username maschine = NOPASSWD: /usr/local/bin/script

  username ALL = (root) NOPASSWD: /usr/local/bin/script

  So I think thers is a bug, because nothing works.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/996753/+subscriptions