[sudo-users] HowTo let user batch job run with NOPASSWD?
James, Voyle E Mr CTR US USA HQDA ITA BSS
Ed.James2 at us.army.mil
Thu Mar 31 11:36:45 EDT 2011
Hello,
Please help me with my configuration.
I want the oracle user to be able to run a backup script as root with
NOPASSWD. Any other calls to sudo must supply the root passwd.
Here are the /etc/sudoers parts:
Cmnd_Alias BACKUP_HELP = /adm_scr/ufsdump_backup.sh -h
oracle ALL = (ALL) NOPASSWD: BACKUP_HELP : ALL = (ALL) PASSWD:
ALL
Defaults !lecture
Defaults ignore_dot
Defaults mail_no_host
Defaults mail_no_perms
Defaults log_host
Defaults log_year
Defaults always_set_home
Defaults:!oracle requiretty
Defaults:oracle !requiretty
Defaults runaspw
Defaults !set_logname
Defaults loglinelen=0
Defaults editor=/usr/bin/vi
Defaults logfile=/var/log/sudolog
When I run a batch job I get this:
+ sudo /adm_scr/ufsdump_backup.sh -h
sudo: no tty present and no askpass program specified
sudo: pam_authenticate: Conversation failure
And in /var/log/sudolog:
Mar 31 10:20:37 2011 : oracle : HOST=fams2 : pam_authenticate:
Conversation failure ; TTY=unknown ; PWD=/home/oracle/bin ; USER=root ;
COMMAND=/adm_scr/ufsdump_backup.sh -h
I am running sudo 1.8.0 using these config values:
./configure \
--enable-log-host \
--enable-zlib=/usr/local \
--with-insults=disabled \
--with-all-insults \
--with-logging=file \
--program-suffix=_180 \
--prefix=/usr/local
Please let me know if I need to supply other information.
Thank you for any help you can provide.
Ed James, Contractor ed.james2 at us.army.mil 703-588-8736-voice
571-256-3314-fax
ITA BSS-FM/TCS
1777 North Kent Street, Suite 4100, Arlington, VA 22209
More information about the sudo-users
mailing list