If you're not using sudo, its configuration isn't relevant. sudo options are sudo's alone and don't matter when you don't use it.
If these things are being mounted by hand, could you just alias mount to sudo mount in their .bashrc? Users could thus run 'mount' and the shell would run 'sudo mount'. This is a lot safer than the alternative, i.e. setting the mount binary setuid so it always runs as root!
As far as not using sudo, I'm confused then. In looking for how to run truecrypt without needing a password, I read that if this is added to the /etc/sudoers
%admin ALL=NOPASSWD: /usr/bin/truecrypt
then one can run truecrypt without having to type sudo.
This is in fact the case in my setup. If I have this line in sudoers then I can run truecrypt without prefixing it with sudo. If I don't have this line, then truecrypt asks for admin privileges.
To show truecrypt is not aliased :
$ type truecrypt
truecrypt is hashed (/usr/bin/truecrypt)
Is truecrypt itself calling sudo to mount? If that is the case, then this makes a little more sense. The more I think of it, the more I feel it is likely this way. But still, truecrypt isn't needing a sudo prefix so how can modifying sudoers affect the truecrypt script? Can someone explain? Why don't I have to have sudo in from of truecrypt as in:
sudo truecrypt -d ; # to dismount all volumes
as evidenced by this result:
$ truecrypt -t -v -d
Volume "/home/woodnt/.vol/xj9" has been dismounted.
Volume "/home/woodnt/.vol/i5yq" has been dismounted.
Furthermore, why wouldn't it require mount in sudoers rather than truecrypt if truecrypt is using "sudo mount ..."
Bewildered but enjoying learning,
Narnie
---------- Post updated at 06:15 PM ---------- Previous update was at 05:42 PM ----------
BTW, if I have either of the 2 mount/umount combos I listed in my first post in place I get this when trying to run sudo mount ...
$ sudo mount --bind Dir1 Dir2
[sudo] password for woodnt:
It still wants a password if I prefix it with sudo even though I've tried:
%admin ALL=NOPASSWD: /usr/bin/mount
and
%admin ALL=(ALL) NOPASSWD: /usr/bin/mount
Narnie
This shows I'm in admin group:
$ groups
woodnt adm disk dialout cdrom audio video plugdev lpadmin admin sambashare vboxusers
truecrypt is smart enough to call sudo by itself. It's a fairly friendly program.
Yes, truecrypt is calling sudo.
Because it calls sudo itself. it's not a "prefix". You're actually running a command named 'sudo'. Imagine you made a script that called 'sudo umount'.
As for the proper syntax, I have this line in my sudoers:
%wheel ALL=NOPASSWD: /usr/bin/powertop
It lets anyone in the wheel group run powertop as root with no password. If you updated your users' groups recently, try logging out then back in.
Perhaps I shouldn't have said "prefix" in this context. I was not meaning test.txt as test is the prefix and txt is the suffix, just that you have to have "sudo something" to run something if something requires root access.
So I'm still puzzled why I don't have to put sudo in front of truecrypt when I run it.
Why doesn't the sudoers require mount to be mentioned and not truecrypt since sudo is elevating the privies of mount, not really truecrypt?
Also, why does "sudo mount --binding foo.bar foobar2" ask for the password even when I have mount set up as I have posted above which is identical to the code you have in the wheel line again?
The only difference is "admin" is in wheels place and /bin/mount is in /usr/bin/powertop's place.
Is mount "special?" If so, why does this work for truecrypt?
I'm sure I'm just being thick, but I really want to "get this."
With thanks for all the patience,
Narnie
---------- Post updated at 11:29 PM ---------- Previous update was at 10:48 PM ----------
OK, as far as why mount and umount are still requiring password was because I was blinded by the truecrypt line before it.
It should be /bin/mount or unmount not /usr/bin/mount.