[lug] sudoers Failure Q
stimits at comcast.net
stimits at comcast.net
Mon Jul 10 16:18:55 MDT 2017
It looks like a flaw in usermod --groups. I've added my user to other groups as mentioned before, and I've noticed that the timestamp for "/etc/group" gets updated, but there is no timestamp change on "/etc/group-". I'm thinking perhaps "group-" must match "group", though I'm not sure how those files are used. If they are just a backup file, then I'm incorrect, but if the "-" version of "group-" and "gshadow-" have to update at the same time a user is added to a group, then usermod has failed.
As soon as I finish rebuilding part of my home directory I'll reboot and see what happens. Researching what "gshadow-" and "group-" is a bit slow since google won't allow me to exact quote...all of the web searches return without the "-" character at the end so I'll have to read through 100% of all web hits on "gshadow" until one has "gshadow-" explained.
----- Original Message -----From: Jed S. Baer <blug at jbaer.cotse.net>To: lug at lug.boulder.co.usSent: Mon, 10 Jul 2017 22:09:27 -0000 (UTC)Subject: Re: [lug] sudoers Failure Q
On Mon, 10 Jul 2017 15:40:55 -0600Jeffrey S. Haemer wrote:
> More grasping at straws, but who knows?
I spent a little time trying to come up with a way to blame systemd. :)
Some web searching came up with known issues regarding sudo and Wayland,but that doesn't seem to be OP's problem either. That report mentionedPolicyKit and how Wayland apps are supposed to gain elevated privileges.
Then I thought maybe something in /etc/sudo.conf could be useful, ormaybe a problem in sudoers itself.
But the reported error message:myname is not in the sudoers fileseems to indicate it is reading sudoers. Well, maybe that error messageis misleading. Or maybe a policy definition in /etc/sudo.conf has itreading a different sudoers? But then visudo should follow that policytoo ... maybe.
Hmm, "myname" is not in the sudoers file, not "mygroup"? That does implythat it's somehow not resolving %wheel.
sudo -l doesn't seem useful for debugging either._______________________________________________Web Page: http://lug.boulder.co.usMailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lugJoin us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20170710/8dca4c76/attachment.html>
More information about the LUG
mailing list