Sudo is not woking on my centos7.3
Re: Sudo is not woking on my centos7.3
Well that has nothing to do with the current problem but I would never recommend turning it off completely. To re-enable it you will need to edit the /etc/sysconfig/selinux file and set it to permissive then touch /.autorelabel and reboot to force a full filesystem relabel of all files. When that's done, edit the same file again and set it to enforcing and repeat.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: Sudo is not woking on my centos7.3
finished selinux configuration,yes sudo is not working still,the weird thing is that even i set nopasswd for test user,sudo is asking password again
suspect authentication setting affect sudo behavior? see 2017-08-10_024724.png
Thanks
Code: Select all
[root@ark-centos-smb4 ~]# grep test /etc/sudoers
test ALL=(ALL) NOPASSWD: ALL
Thanks
- Attachments
-
- result of authconfig-tui
- 2017-08-10_024724.png (21.31 KiB) Viewed 5620 times
Re: Sudo is not woking on my centos7.3
funny,root user is also refused by system
Code: Select all
[root@ark-centos-smb4 ~]# sudo ls /root
root is not allowed to run sudo on ark-centos-smb4. This incident will be reported.
Re: Sudo is not woking on my centos7.3
Are you using visudo to edit your sudoers file?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: Sudo is not woking on my centos7.3
yes i believe that's what i always did,and /etc/sudoers has no error
another question how can i recover centos? it seems doesn't supply the option at boot
Code: Select all
[root@ark-centos-smb4 ~]# visudo -c
/etc/sudoers: parsed OK
/etc/sudoers.d/arkgrp-users: parsed OK
Re: Sudo is not woking on my centos7.3
There should be a "rescue" kernel on the grub menu but otherwise you have to boot the installation media and use the rescue option off the "Troubleshooting" menu.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: Sudo is not woking on my centos7.3
ok let's focus on sudo,rescue seems complicated...
thanks
thanks
Re: Sudo is not woking on my centos7.3
Check /var/log/secure and /var/log/messages for clues perhaps.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: Sudo is not woking on my centos7.3
collected contents of /var/log/messages, /var/log/secure during running sudo command as test user, the useful info seems limited...
/var/log/messages content:
/var/log/secure result:
Code: Select all
[root@ark-centos-smb4 ~]# su - test
Last login: Thu Aug 17 20:37:56 PDT 2017 on pts/0
[test@ark-centos-smb4 ~]$ sudo ls
[sudo] password for test:
test is not in the sudoers file. This incident will be reported.
Code: Select all
Aug 17 22:01:21 ark-centos-smb4 nslcd[988]: [901466] <group/member="root"> ldap_result() failed: Operations error: 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece
Aug 17 22:01:21 ark-centos-smb4 nslcd[988]: [901466] <group/member="root"> ldap_result() failed: Operations error: 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece
Code: Select all
Aug 17 22:02:15 ark-centos-smb4 sudo: test : user NOT in sudoers ; TTY=pts/0 ; PWD=/home/test ; USER=root ; COMMAND=/bin/ls
Re: Sudo is not woking on my centos7.3
figured out,sudo only has ldap in name service setting, see following
since i have sssd configued so change to following to let sudo working for local users,domain users
Code: Select all
[root@ark-centos-smb4 /]# grep sudo /etc/nsswitch.conf
sudoers: ldap
Code: Select all
[root@ark-centos-smb4 ~]# grep sudo /etc/nsswitch.conf
#sudoers: ldap
sudoers: files sss ldap