http://bugzilla.novell.com/show_bug.cgi?id=617710 http://bugzilla.novell.com/show_bug.cgi?id=617710#c0 Summary: sudoers file / visudo doesn't work as intended - still prompts for password when commands are executed with sudo Classification: openSUSE Product: openSUSE 11.2 Version: Final Platform: x86-64 OS/Version: openSUSE 11.2 Status: NEW Severity: Normal Priority: P5 - None Component: Other AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: novell.xq0@gishpuppy.com QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-GB; rv:1.9.1.9) Gecko/20100317 SUSE/3.5.9-0.1.1 Firefox/3.5.9 Normally, statements can be added /etc/sudoers (using visudo) so that the command(s) can be executed with sudo, without being prompted for the password. However, this is not the case as one still gets prompted for the password. Specifically, this only affects programs present in /sbin or /usr/sbin, provided, "ALL" is used instead of "localhost". Taking the example in the default sudoers file, the line: %users localhost=/sbin/shutdown -h now should result in the local user being able to execute the "shutdown -h now" command, using sudo, without being prompted for the password. However, this doesn't happen. Some users report that changing the "localhost" to "ALL" works: %users ALL=/sbin/shutdown -h now However, this only works when the program is not located in /sbin or /usr/sbin Also, the other variations which I tried don't work either, are: %users ALL=NOPASSWD: /sbin/shutdown -h now %users ALL=(ALL) NOPASSWD: /sbin/shutdown -h now username ALL=NOPASSWD: /sbin/shutdown -h now username ALL=(ALL) NOPASSWD: /sbin/shutdown -h now So to summarise, two issues here: 1) Programs in /sbin and /usr/sbin cannot be sudo'ed without being prompted for the password 2) Programs located outside of the above paths can be sudo'ed without the password, IF and only if the "localhost" property is replaced with ALL (or similar) Reproducible: Always Steps to Reproduce: 1. As a root user, edit /etc/sudoers and uncomment the example statement "%users localhost=/sbin/shutdown -h now" 2. Save and exit 3. As a non root user, execute the statement "sudo /sbin/shutdown -h now" Actual Results: The user is prompted for the root's password. Expected Results: The program should have been executed without being prompted for the password. Tested on OpenSUSE 11.2 KDE4 x86_64 with all standard updates. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.