-5

I gives user king to be almost super user , and I set the following in /etc/sudoers

king    ALL=(ALL)       NOPASSWD:ALL

additionally we have other user that called – lincoin ( simple user )

now I access the user lincoin as

su  lincoin  

whoami
lincoin

pwd
/opt/my_scripts

And I try to run some script with my super user – king from user lincoin - as the following

sudo -u king    /opt/my_scripts/change_onwership_on_folders.sh

but I get this:

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

Is it possible to escape entering of lincoin password , by changing some rule in sudoers file?

Improve this question
3
  • This appears to be related to (and possibly a dupe of) the earlier question unix.stackexchange.com/questions/789277/… Commented Jan 9 at 14:00
  • @Kusalananda its diff question Commented Jan 9 at 14:46
  • In what way exactly? The usernames are different but the issue seems identical. You still have to run your script as root and it doesn’t matter what the other users are called. Commented Jan 9 at 15:32

1 Answer 1

Reset to default
1

Your config appears to give the user king the ability to run anything as root (implicitly), without a password. It does not give lincoin the ability to do anything, because you have not mentioned lincoin at all in the config (at least, not the config you have shown), hence the password prompt.

You would be looking for something like this:

lincoin    ALL=(king)       NOPASSWD: ALL

That said, giving lincoin permission to run anything with king without password is questionable from a security standpoint.

To restrict to certain commands, you could do:

lincoin    ALL=(king)       NOPASSWD: /opt/my_scripts/change_onwership_on_folders.sh
Improve this answer
3
  • I don't think this is what the @yael wants to achieve. To change the ownership of files, root privileges are required. So lincoin ALL = NOPASSWD: /opt/my_scripts/change_onwership_on_folders.sh and sudo /opt/my_scripts/change_onwership_on_folders.sh (without -u king) is probably the right solution. Commented Jan 9 at 13:58
  • @Christo Which is what I basically said in my answer to their previous question unix.stackexchange.com/questions/789277/… Commented Jan 9 at 15:31
  • setting the line as lincoin ALL=(king) NOPASSWD: /opt/my_scripts/change_onwership_on_folders.sh , still gives the same situation as I mention in my post Commented Jan 11 at 17:51

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.