The sed command does inline updates to the /etc/sudoers file to allow foo and root users passwordless access to the sudo group.The home directory is set to /home/foo.The uid and gid is set to the value of 999.The user foo is added to the both the foo and sudo group.Sed -i /etc/sudoers -re 's/^#includedir.*/# **Removed the include directive** #"/g' & \Įcho "foo ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers & \Įcho "Customized the sudoers file for passwordless access to the foo user!" & \ Sed -i /etc/sudoers -re 's/^root.*/root ALL=(ALL:ALL) NOPASSWD: ALL/g' & \ Sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g' & \ Groupadd -g 999 foo & useradd -u 999 -g foo -G sudo -m -s /bin/bash foo & \ Instead, create a script that does what you want (looks up current directory, determines its owner and group, creates a directory Doing it this way means that the user only has to navigate to the directory then sudo create-Here's how I setup a non-root user with the base image of ubuntu:18.04: RUN \ It seems you want to let users create sub-directories with a specific name owned by the owner of the parent directory. I won't get into that as it's out of scope but, to accomplish what you want and more flexibility, there may be a better way. Parts of your description imply that you have things setup in a bizarre way. Really this isn't the way to do something like this. Since this rule matches the situation, but requires a password, a password was being asked.) I had a problem in my own config where I was specifying %sudo ALL=(ALL:ALL) ALL afterwards. If you have another rule after this one that would cover the same command (such as ALL) it would take effect instead. This reads something like: "Allow any user on any domain to act as any user:group without asking for a password to execute the exact command "mkdir (Rules are determined in order with the last matching rule taking effect. It is always advisable to leave the password prompt as-is for switching accounts.Create a rule as such: ALL ALL=(ALL:ALL) NOPASSWD: /bin/mkdir www "" Although it makes things easy to switch accounts without password, you should be very careful not to create a security breach while doing so. In this article, we have learnt two different ways to enable users to switch accounts without passwords. As before, login using test_user account and issue the following command to switch to data_user without password. test_user ALL=NOPASSWD: /bin/su – data_user This is to allow test_user to switch to data_user without password. $ sudo visudoĪdd the following line below “%sudo ALL=(ALL:ALL) ALL” line. Basically, the user that you want to be able to switch to your target account, needs to be present in sudoers file or in the sudo group. You can also accomplish this result by modifying sudoers file. You will be automatically switched without being prompted for password. Now, login as test_user into Linux, and then run the following command from terminal. Next, add another user test_user to data_user group $ sudo usermod -aG data_user test_user If so, it will switch user without password, else carry out default authentication. Next line checks if the user belongs to data_user group. Otherwise, it carries out default authentication. If so, then the service proceeds with next line. In the above lines, the first line checks if target user is data_user. # vim /etc/pam.d/suĪdd the following lines after “auth sufficient pam_rotook.so” auth pam_succeed_if.so user = data_userĪuth sufficient pam_succeed_if.so use_uid user ingroup data_user We will modify the default settings for su command by opening its configuration file. PAM (Pluggable Authentication Module) allows users in one group to switch accounts without using password. There are two ways to solve this problem. Other users need to enter password to be able to switch user accounts. How to Switch User without Password in Linuxįor our example, we have user account data_users and we want every user in group data_users to be able to switch to user account data_users using su, without password.īy default, only root user can switch accounts without using password. In this article, we will look at how to switch user without password in Linux. However, sometimes you may need your users to be able to switch to a particular user without password in Linux. Only on successful authentication, you are allowed to switch user. Generally, when we try to switch users in Linux, it will prompt you to enter password for that user.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |