Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

editing sudoers file but I am doing something wrong [Solved]

Linux Kernel, Network, and Services configuration.
Post Reply
Message
Author
peer
Posts: 443
Joined: 2017-03-26 10:14
Has thanked: 8 times
Been thanked: 20 times

editing sudoers file but I am doing something wrong [Solved]

#1 Post by peer »

I want to mount the maps of my nas without sudo asking for a password but it does not work. Here is my sudoers file:

Code: Select all

  GNU nano 5.4                                               /etc/sudoers.tmp                                                         
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults        env_reset
Defaults        mail_badpass
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification (added by peer)
Cmnd_Alias    FOTOOS = /bin/mount -t nfs 192.168.178.5\:/volume1/fotoos, /bin/umount 192.168.178.5\:/volume1/fotoos
Cmnd_Alias    DATA = /bin/mount -t nfs 192.168.178.5\:/volume1/data, /bin/umount 192.168.178.5\:/volume1/data


# User privilege specification (second line added by peer)
root    ALL=(ALL:ALL) ALL
peer    ALL=(ALL) NOPASSWD: FOTOOS, DATA

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "@include" directives:

@includedir /etc/sudoers.d

I added two Cmnd_Aliasses and one user privilege.
In the Aliasses I used the full path of the commands and I used an escape key for the special character ':'.
When I save the file visudo does not complain.
I looked at several howto's but I cannot see what I am doing wrong. Can somebody help me?

edit:
I moved the user privilege line to the bottom of the file: no change
Then I changed the line to

Code: Select all

peer    ALL=(ALL) NOPASSWD: ALL
This works but I this is not what I want
Last edited by peer on 2021-09-18 05:46, edited 1 time in total.

peter_irich
Posts: 1403
Joined: 2009-09-10 20:15
Location: Saint-Petersburg, Russian Federation
Been thanked: 11 times

Re: editing sudoers file but I am doing something wrong

#2 Post by peter_irich »

Code: Select all

peer    ALL=(ALL:ALL) NOPASSWD: ALL
Is not necessarily use visudo but 1st and 2nd fields must be separate by TAB.

Peter.

peer
Posts: 443
Joined: 2017-03-26 10:14
Has thanked: 8 times
Been thanked: 20 times

Re: editing sudoers file but I am doing something wrong

#3 Post by peer »

Thanks Peter, I did not know that I had to use TABs.
But unfortunately that was not enough solve my problem.

Meanwhile I found the cause of the problem: the special character : with the escape key. I replaced the last bit of the commands (starting with :) with the wild card *. As a result of that I could reduce the number of aliasses from 4 to 2. Now it works. Here is my changed sudoers file:

Code: Select all

 GNU nano 5.4                                               /etc/sudoers.tmp                                                         
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults        env_reset
Defaults        mail_badpass
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification (added by peer)
Cmnd_Alias      SYNOLOGY = /bin/mount -t nfs 192.168.178.5*, /bin/umount 192.168.178.5*



# User privilege specification (second line added by peer)
root    ALL=(ALL:ALL) ALL


# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "@include" directives:

@includedir /etc/sudoers.d

peer    ALL=(ALL) NOPASSWD: SYNOLOGY
Now I know that it does work I will put these extra lines in a separate file in/etc/sudoers.d

Post Reply