Sudo running without a password
Kirk Strauser
kirk at strauser.com
Sat Dec 31 11:57:00 PST 2005
I'm using sudo-1.6.8.12_1 (the most recent version in ports) on my FreeBSD
6.0-STABLE machine. I'm having the problem that any command I try to run
will execute as root regardless of what I enter for a password. Example:
$ sudo -k # To clear the timestamp
$ sudo whoami
Password: <anything I want>
root
In the second stamp, I can give my real password, a fake password, an empty
string, or ctrl-C - all with the same results.
Here's my sudoers:
#############################3
Defaults:nagios !syslog
User_Alias DUMPADMINS = kirk
Runas_Alias DUMPOP = operator
Cmnd_Alias AMANDA = \
/usr/local/sbin/amdump, \
/usr/local/sbin/amstatus, \
/usr/local/sbin/amadmin, \
/usr/local/sbin/amcheck, \
/usr/local/sbin/amlabel, \
/usr/local/sbin/amflush, \
/usr/bin/mt
Cmnd_Alias NAGIOS_PLUGINS = \
/usr/local/libexec/nagios/check_vinum_wrapper
root ALL = (ALL) ALL
%wheel ALL = (ALL) ALL
nagios ALL = (root) NOPASSWD: NAGIOS_PLUGINS
DUMPADMINS ALL = (DUMPOP) NOPASSWD: AMANDA
cricket ALL = (root) NOPASSWD:/usr/local/sbin/mailerstats.py
#############################3
I don't see anything in it that looks like it should prompt me for a password,
then run with elevated privileges regardless of what I send. Any ideas?
--
Kirk Strauser
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20051231/b812223e/attachment.bin
More information about the freebsd-questions
mailing list