Subject: Re: sudo doesn't ask for password
To: mortee <email@example.com>
From: Quentin Garnier <firstname.lastname@example.org>
Date: 10/19/2007 11:36:14
Content-Type: text/plain; charset=us-ascii
On Fri, Oct 19, 2007 at 09:41:58AM +0200, mortee wrote:
> sorry if this isn't an appropriate forum for my problem, but I don't
> really know where else to ask. I'm wondering if anyone else has
> encountered what I have, what may be the cause and the solution.
> I have a i386 box running NBSD 2.0. I recently transitioned from
> pkgsrc-2007Q2 to pkgsrc-2007Q3, along with which sudo got updated from
> 1.6.8pl12nb4 to 1.6.9p6.
> I just noticed that sudo fails to ask me for my password, when it would
> be supposed to.
> $ id
> uid=3D1000(morton) gid=3D100(users)
> $ sudo id
> uid=3D0(root) gid=3D0(wheel)
> $ sudo -l
> User morton may run the following commands on this host:
> (ALL) ALL
> (%morton) NOPASSWD: ALL
> (root) NOPASSWD: /usr/pkg/sbin/smartctl -A /dev/wd?d
> $ sudo -k
> $ sudo ls
> I know for sure that it worked as expected before the upgrade. I don't
> have any timeout settings in my sudoers file, so it is at its default
> value. However, after sudo -k, it should ask for a password anyway. I
> haven't altered my sudoers file since the upgrade.
> Also note that as root, I should only be able to run that smartctl
> command without a password prompt; and also run anything as someone in
> the group morton, which root is not. So in all other cases, I should be
> prompted for my password.
> Can anyone shred any light on this?
Well, the second line in sudo -l output means you don't have to type
your password when you belong to group "morton". I don't see how any
update would have changed anything there.
Quentin Garnier - email@example.com - cube@NetBSD.org
"See the look on my face from staying too long in one place
[...] every time the morning breaks I know I'm closer to falling"
KT Tunstall, Saving My Face, Drastic Fantastic, 2007.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (NetBSD)
-----END PGP SIGNATURE-----