Friday, May 3, 2024
Homepage · sudo
 Popular · Latest · Hot · Upcoming
12
rated 0 times [  12] [ 0]  / answers: 1 / hits: 48270  / 2 Years ago, tue, january 11, 2022, 10:49:43

I have two users on my system: itsadok, my main user, and elasticsearch, a user with a different ulimit for running ElasticSearch.



I would like to be able to run stuff as the secondary user without being prompted for password every time.



I added the following line to /etc/sudoers:



itsadok ALL=(elasticsearch:elasticsearch) NOPASSWD: ALL


The way I understand it, this should allow the user itsadok, on any host, to run any command as (user or group) elasticsearch without a password. However, trying something like



itsadok@dev001$ sudo -u elasticsearch ls


prompts me for a password. Restarting the machine did not help.



What am I doing wrong?



UPDATE:



It turns our that the order of lines in sudoers is significant. I placed the line under "User privilege specification" which sounded like the right place, but the line for the %admin group that comes later was overriding the setting.



Putting the same line at the end of the sudoers file fixed the issue.


More From » sudo
 Answers
4

Revised answer from comments: If you place directives below #includedir, they are ignored. Move the line next to the sudo or admingroup definitions, or place it in separate file in /etc/sudoers.d/.


[#33269] Thursday, January 13, 2022, 2 Years  [reply] [flag answer]
Only authorized users can answer the question. Please sign in first, or register a free account.
sertold
Add To Favorites
Follow
Total Points: 445
Total Questions: 123
Total Answers: 113
Location: Burundi
Member since Wed, Sep 28, 2022
2 Years ago
sertold questions
Wed, Dec 21, 22, 16:02, 1 Year ago
Fri, Dec 31, 21, 01:50, 2 Years ago
Thu, Jun 16, 22, 23:30, 2 Years ago
Mon, Mar 7, 22, 16:21, 2 Years ago
Tue, Mar 29, 22, 02:11, 2 Years ago
View All
;