[sudo-users] su nopasswd
William.Stevens at JPSHealth.org
Mon Dec 20 18:20:34 EST 2004
We have a vendor-installed application that uses sudo. The installation
uses the su script to replace the su binary (moved su to su.old and
su.orig). Several of the application accounts are set up in sudoers to
use the nopasswd option. Recently, this stopped working, and now any
access to these accounts prompts for a password.
This usually occurs with an su -c "put some commands here" or a /bin/sh
-c "some commands here" line in the various scripts used for the
application. Entering root's password or the account's password has no
Has anyone ever seen this behaviour, and does anyone have a guess about
what caused it?
I've looked through the log files and see errors like this:
Dec 20 15:02:45 : seso : command not allowed ; TTY=pts/9 ;
PWD=/home/sn_root/opt/seso/gui/rdiag/osh.bin ; USER=root ;
but looking in sudoers gives this:
root ALL=(ALL) ALL
seso ALL= NOPASSWD: /sbin/sh -c
I see the /bin and /sbin difference, but it used to work, so I can only
guess that some other setting was regulating this command.
It's as if sudo has stopped reading the sudoers file. Any thoughts or
ideas would be much appreciated.
Just in case it's useful, here are the permissions on the various sudo
---s--x--x 1 root root 91972 May 4 2002
-r-xr-xr-x 1 root root 2854 Jul 2 2003 /usr/bin/su*
-r--r----- 1 root root 7521 Nov 20 2003
I know that's a little sketchy. I can provide more details if needed.
Thanks in advance.
William M. Stevens, CISSP