Hello,
I am running user in old fashion
I wanted that a user be able to do: mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB
With visudo, I did pdupre localhost=/usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB/
(pdupre is also member of pdupre I tried also %pdupre localhost=/usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB/)
But it does not work /usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB mount: only root can do that
or sudo /usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB [sudo] password for pdupre: pdupre is not allowed to run sudo on Teucidide. This incident will be reported.
I also tried to put pdupre as member of wheel, but it does not help.
Where is my mistake?
Thank
=========================================================================== Patrick DUPRÉ | | email: pdupre@gmx.com ===========================================================================
On 08.01.19 10:57, Patrick Dupre wrote:
With visudo, I did pdupre localhost=/usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB/
sudo /usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB
When you allow a specific command for sudo, you *must* use *exactly* the same command. In this case the slash at the end is missing.
'sudo -l' may be helpful.
best regards Ulf
On 1/8/19 8:38 AM, Ulf Volmer wrote:
On 08.01.19 10:57, Patrick Dupre wrote:
With visudo, I did pdupre localhost=/usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB/
sudo /usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB
When you allow a specific command for sudo, you *must* use *exactly* the same command. In this case the slash at the end is missing.
'sudo -l' may be helpful.
You could also add an appropriate line to /etc/fstab and make sure the "user" option is specified. Then any non-root user can mount that filesystem. A line such as:
/dev/mapper/VolGrpUsr_DK0-home /mnt/USB ext4 defaults,user 0 0
in /etc/fstab should permit any user to:
$ mount /mnt/USB
and accomplish what you want (assuming, of course, that /mnt/USB has appropriate permissions for the user). Not necessarily secure, but... ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer, AllDigital ricks@alldigital.com - - AIM/Skype: therps2 ICQ: 226437340 Yahoo: origrps2 - - - - Never eat anything larger than your head - ----------------------------------------------------------------------
Thank.
Right, but the behavior is exactly the same (with the /) I need to find the glitch.
And
sudo -l /usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB/ [sudo] password for pdupre: Sorry, user pdupre may not run sudo on Teucidide.
instead of:
pdupre is not allowed to run sudo on Teucidide.
=========================================================================== Patrick DUPRÉ | | email: pdupre@gmx.com Laboratoire de Physico-Chimie de l'Atmosphère | | Université du Littoral-Côte d'Opale | | ===========================================================================
Sent: Tuesday, January 08, 2019 at 5:38 PM From: "Ulf Volmer" u.volmer@u-v.de To: users@lists.fedoraproject.org Subject: Re: sudo
On 08.01.19 10:57, Patrick Dupre wrote:
With visudo, I did pdupre localhost=/usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB/
sudo /usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB
When you allow a specific command for sudo, you *must* use *exactly* the same command. In this case the slash at the end is missing.
'sudo -l' may be helpful.
best regards Ulf _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-leave@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
On 08.01.19 19:24, Patrick Dupre wrote:
sudo -l /usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB/
I guess there was a misunderstanding. 'sudo -l' is a single command to display the currently allowed rules. So you should try the commands:
sudo -l sudo /usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB/
best regards Ulf
OK,
Sorry,
But again:
sudo -l [sudo] password for pdupre: Sorry, user pdupre may not run sudo on Teucidide.
Same for sudo -i
=========================================================================== Patrick DUPRÉ | | email: pdupre@gmx.com Laboratoire de Physico-Chimie de l'Atmosphère | | Université du Littoral-Côte d'Opale | | ===========================================================================
Sent: Tuesday, January 08, 2019 at 7:30 PM From: "Ulf Volmer" u.volmer@u-v.de To: users@lists.fedoraproject.org Subject: Re: sudo
On 08.01.19 19:24, Patrick Dupre wrote:
sudo -l /usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB/
I guess there was a misunderstanding. 'sudo -l' is a single command to display the currently allowed rules. So you should try the commands:
sudo -l sudo /usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB/
best regards Ulf _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-leave@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
On 1/8/19 10:58 AM, Patrick Dupre wrote:
OK,
Sorry,
But again:
sudo -l [sudo] password for pdupre: Sorry, user pdupre may not run sudo on Teucidide.
Same for sudo -i
Uhm you ARE entering the password for user pdupre, right? Do NOT use root's password, use your own. ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer, AllDigital ricks@alldigital.com - - AIM/Skype: therps2 ICQ: 226437340 Yahoo: origrps2 - - - - Brain: The organ with which we think that we think. - ----------------------------------------------------------------------
On 1/8/19 1:57 AM, Patrick Dupre wrote:
I wanted that a user be able to do: mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB
With visudo, I did pdupre localhost=/usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB/
(pdupre is also member of pdupre I tried also %pdupre localhost=/usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB/)
What does the "hostname" command give you? I would suggest using "ALL" instead.
But it does not work /usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB mount: only root can do that
The sudoers file doesn't affect trying to run commands directly.
sudo /usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB [sudo] password for pdupre: pdupre is not allowed to run sudo on Teucidide. This incident will be reported.
I also tried to put pdupre as member of wheel, but it does not help.
You need to start a new shell after doing that. Use the "id" command to verify the group is set correctly.
I would also suggest adding a file to /etc/sudoers.d instead of modifying the default /etc/sudoers file.
On 1/8/19 11:21 AM, Rick Stevens wrote:
On 1/8/19 10:58 AM, Patrick Dupre wrote:
sudo -l [sudo] password for pdupre: Sorry, user pdupre may not run sudo on Teucidide.
Same for sudo -i
Uhm you ARE entering the password for user pdupre, right? Do NOT use root's password, use your own.
That would give different messages: "Sorry, try again." and "sudo: 1 incorrect password attempt"
On 01/08/2019 12:23 PM, Samuel Sieb wrote:
What does the "hostname" command give you? I would suggest using "ALL" instead.
Not a good idea unless you really trust that user. This lets that person mount this partition when needed and nothing else. (It might be a good idea to allow umount for that partition as well, once mount works.)
On 1/8/19 12:14 PM, Joe Zeff wrote:
On 01/08/2019 12:23 PM, Samuel Sieb wrote:
What does the "hostname" command give you? I would suggest using "ALL" instead.
Not a good idea unless you really trust that user. This lets that person mount this partition when needed and nothing else. (It might be a good idea to allow umount for that partition as well, once mount works.)
You misunderstood. I meant to use ALL instead of "localhost" for the hostname field. I should have added "instead of localhost" to that line.
On 1/8/19 8:38 AM, Ulf Volmer wrote:
On 08.01.19 10:57, Patrick Dupre wrote:
With visudo, I did pdupre localhost=/usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB/
sudo /usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB
When you allow a specific command for sudo, you *must* use *exactly* the same command. In this case the slash at the end is missing.
'sudo -l' may be helpful.
You could also add an appropriate line to /etc/fstab and make sure the "user" option is specified. Then any non-root user can mount that filesystem. A line such as:
/dev/mapper/VolGrpUsr_DK0-home /mnt/USB ext4 defaults,user 0 0
in /etc/fstab should permit any user to:
$ mount /mnt/USB
The problem is that it tries to mount at boot even if the drive is off
and accomplish what you want (assuming, of course, that /mnt/USB has appropriate permissions for the user). Not necessarily secure, but...
- Rick Stevens, Systems Engineer, AllDigital ricks@alldigital.com -
- AIM/Skype: therps2 ICQ: 226437340 Yahoo: origrps2 -
-Never eat anything larger than your head -
users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-leave@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
On 1/9/19 1:13 AM, Patrick Dupre wrote:
On 1/8/19 8:38 AM, Ulf Volmer wrote:
On 08.01.19 10:57, Patrick Dupre wrote:
With visudo, I did pdupre localhost=/usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB/
sudo /usr/bin/mount /dev/mapper/VolGrpUsr_DK0-home /mnt/USB
When you allow a specific command for sudo, you *must* use *exactly* the same command. In this case the slash at the end is missing.
'sudo -l' may be helpful.
You could also add an appropriate line to /etc/fstab and make sure the "user" option is specified. Then any non-root user can mount that filesystem. A line such as:
/dev/mapper/VolGrpUsr_DK0-home /mnt/USB ext4 defaults,user 0 0
in /etc/fstab should permit any user to:
$ mount /mnt/USB
The problem is that it tries to mount at boot even if the drive is off
Then also set the "noauto" option:
defaults,user,noauto
That requires a manual mount. ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer, AllDigital ricks@alldigital.com - - AIM/Skype: therps2 ICQ: 226437340 Yahoo: origrps2 - - - - All generalizations are false. - ----------------------------------------------------------------------
-
Joe Zeff -
Patrick Dupre -
Rick Stevens -
Samuel Sieb -
Ulf Volmer