How to launch commands with both sudo and user in background

masinick · July 19, 2021, 4:06pm

So to get this right for you, assuming you use the userid carletto, do the following:

su
(provide the root password).
usermod -a -G sudo carletto
Still as root, run visudo
after the line root ALL=(ALL:ALL) ALL
add carletto ALL=(ALL:ALL) ALL
and save.
then you should be able to run sudo commands.

MadeInGermany · July 19, 2021, 4:52pm

Perhaps you have this in your sudoers (from SuSE Linux):

## In the default (unconfigured) configuration, sudo asks for the root password.
## This allows use of an ordinary user account for administration of a freshly
## installed system. When configuring sudo, delete the two
## following lines:
Defaults targetpw   # ask for the password of the target user i.e. root
ALL   ALL=(ALL) ALL   # WARNING! Only use this together with 'Defaults targetpw'!

This degrades sudo to a su, where you must know the root password.
The preferred way is to have that deleted/disabled,
and allow specific commands for specific users, with their own password or even NOPASSWD.

Carletto · July 22, 2021, 7:00am

Hello everyone, and forgive again the delay of my answers.
What do you mean? "$USER" is an environment variable in Linux, it is replaced by the system with the username of the user who issues the command in question.
If the timer is entered in /etc/systemd/system (and therefore under root), to let the system know which user it should refer to, I have inserted this line in the .service unit:

Environment="USER=username"

I don't know if that's the canonical way to do it, but it works.

Carletto · July 22, 2021, 7:13am

Hello bending, and thanks for your clarifications!
I was not aware that a user was not present by default in the group which is allowed to issue commands with sudo. Is this valid from the first user created on a given system? I've always run commands with sudo with my user in all linux systems I've used so far, without making any changes... Maybe this rule "starts" from the second user onwards?
Since I have always launched commands with sudo with my user, I believed that every user created even after the first one could do it.

bendingrodriguez:

To allow root to call commands as an arbitrary user via sudo without a pwd, you have to put an entry like
root ALL=NOPASSWD: /usr/bin/foo,/bin/bar
in the sudoers file. However, it doesn't make much sense to have root ask about pwds. root is root is root. So that entry should rather be
root ALL=(ALL:ALL) ALL

I have not made this change to my sudoers file, yet if I run commands from root "impersonating" another user, it does not ask me for the password of that user: is this normal?

Carletto · July 22, 2021, 7:21am

I have put my user in the wheel group: is it the same thing, or do you recommend that I put it in the sudo group?

vbe · July 22, 2021, 7:22am

If you paid attention to what was written, you would not have asked such a question just look at my reply post 8...
You have all you need to know on how to do your job, as you never bothered to show us what you actually did, we have no sudoers extract nor asked output and you were given answers to all your questions
I will now close the topic as there is no hope of progress and all is already covered

vbe · July 22, 2021, 7:22am