Debian User Forums


https://forums.debian.net/

editing sudoers file but I am doing something wrong [Solved]

https://forums.debian.net/viewtopic.php?t=150266

Page 1 of 1

editing sudoers file but I am doing something wrong [Solved]

Posted: 2021-09-17 14:14
by peer
I want to mount the maps of my nas without sudo asking for a password but it does not work. Here is my sudoers file:

Code: Select all

  GNU nano 5.4                                               /etc/sudoers.tmp                                                         
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults        env_reset
Defaults        mail_badpass
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification (added by peer)
Cmnd_Alias    FOTOOS = /bin/mount -t nfs 192.168.178.5\:/volume1/fotoos, /bin/umount 192.168.178.5\:/volume1/fotoos
Cmnd_Alias    DATA = /bin/mount -t nfs 192.168.178.5\:/volume1/data, /bin/umount 192.168.178.5\:/volume1/data


# User privilege specification (second line added by peer)
root    ALL=(ALL:ALL) ALL
peer    ALL=(ALL) NOPASSWD: FOTOOS, DATA

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "@include" directives:

@includedir /etc/sudoers.d

I added two Cmnd_Aliasses and one user privilege.
In the Aliasses I used the full path of the commands and I used an escape key for the special character ':'.
When I save the file visudo does not complain.
I looked at several howto's but I cannot see what I am doing wrong. Can somebody help me?

edit:
I moved the user privilege line to the bottom of the file: no change
Then I changed the line to

Code: Select all

peer    ALL=(ALL) NOPASSWD: ALL
This works but I this is not what I want

Re: editing sudoers file but I am doing something wrong

Posted: 2021-09-17 18:10
by peter_irich

Code: Select all

peer    ALL=(ALL:ALL) NOPASSWD: ALL
Is not necessarily use visudo but 1st and 2nd fields must be separate by TAB.

Peter.

Re: editing sudoers file but I am doing something wrong

Posted: 2021-09-18 05:38
by peer
Thanks Peter, I did not know that I had to use TABs.
But unfortunately that was not enough solve my problem.

Meanwhile I found the cause of the problem: the special character : with the escape key. I replaced the last bit of the commands (starting with :) with the wild card *. As a result of that I could reduce the number of aliasses from 4 to 2. Now it works. Here is my changed sudoers file:

Code: Select all

 GNU nano 5.4                                               /etc/sudoers.tmp                                                         
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults        env_reset
Defaults        mail_badpass
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification (added by peer)
Cmnd_Alias      SYNOLOGY = /bin/mount -t nfs 192.168.178.5*, /bin/umount 192.168.178.5*



# User privilege specification (second line added by peer)
root    ALL=(ALL:ALL) ALL


# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "@include" directives:

@includedir /etc/sudoers.d

peer    ALL=(ALL) NOPASSWD: SYNOLOGY
Now I know that it does work I will put these extra lines in a separate file in/etc/sudoers.d
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited