07.04.2018 21:38, Paul Neuwirth пишет:
Hi, the following works on all (Leap 42.3 and Leap 15.1) installations, but not on a Leap 42.2 (don't know if version causing the problem). sudo doesn't seem to respect files in /etc/sudoers.d/
# ssh -t sysupdateuser@422machine.swabian.net 'sudo zypper ref'
We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things:
#1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility.
root's password:
on all other machines, I do not get prompted for password. do I miss anything? thank you for any tip
Regards, Paul
Here's the configuration, which is the same on all servers:
# grep "^\s*[^#\;].*" /etc/sudoers Defaults always_set_home Defaults env_reset Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE" Defaults !insults Defaults targetpw # ask for the password of the target user i.e. root ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'! root ALL=(ALL) ALL ([...] other entries not matching sysupdateuser) # tail -n 3 /etc/sudoers ## Read drop-in files from /etc/sudoers.d ### (the '#' here does not indicate a comment) #includedir /etc/sudoers.d
# cat /etc/sudoers.d/sysupdateuser sysupdateuser ALL = (root) NOPASSWD: /usr/bin/zypper ref -n, /usr/bin/zypper ref, /usr/bin/zypper -n
zypper not in /usr/bin? Local alias, script whatever? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org