When using sudo to root, it is asking for password. The reason was it was reading the config file /etc/sudoers.d/svc-system-config-user before reading /etc/sudoers. Emptied the config file and issue was resolved.
# cat /etc/sudoers.d/svc-system-config-user
sam@sopc-sp-v01:~$ sudo su -
Password:
root@sopc-sp-v01:~# visudo
visudo: /etc/sudoers.tmp unchanged
root@sopc-sp-v01:~# truss -f -t open sudo -l
16589: open("/var/ld/ld.config", O_RDONLY) Err#2 ENOENT
16589: open("/lib/libc.so.1", O_RDONLY) = 3
16589: open("/usr/lib/sudo/libsudo_util.so.0", O_RDONLY) = 3
16589: open("/usr/lib/locale/common/methods_unicode.so.3", O_RDONLY) = 3
16589: open("/usr/lib/locale/en_US.UTF-8/en_US.UTF-8.so.3", O_RDONLY) = 3
16589: open("/system/volatile/tzsync", O_RDONLY|O_CLOEXEC|O_TPDSAFE) = 3
16589: open("/usr/share/lib/zoneinfo/localtime", O_RDONLY) = 3
16589: open64("/dev/tty", O_RDWR) = 5
16589: open("/proc/16589/psinfo", O_RDONLY) = 5
16589: open64("/system/volatile/name_service_door", O_RDONLY) = 5
16589: open("/proc/16589/psinfo", O_RDONLY) = 6
16589: open("/lib/libsocket.so.1", O_RDONLY) = 6
16589: open("/lib/libnsl.so.1", O_RDONLY) = 6
16589: open("/usr/lib/sudo/sudoers.so", O_RDONLY) = 6
16589: open("/lib/libmd.so.1", O_RDONLY) = 6
16589: open("/lib/libucrypto.so.1", O_RDONLY) = 6
16589: open("/etc/system.d/crypto:fips-140", O_RDONLY|O_NONBLOCK) = 6
16589: open("/usr/lib/security/pkcs11_softtoken.so.1", O_RDONLY) = 6
16589: open("/lib/libelf.so.1", O_RDONLY) = 7
16589: open("/lib/libucrypto.so.1", O_RDONLY) = 6
16589: open("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/sudoers.mo", O_RDONLY) Err#2 ENOENT
16589: open64("/etc/nsswitch.conf", O_RDONLY) = 6
16589: open64("/etc/sudoers", O_RDONLY) = 6
16589: open("/etc/sudoers.d", O_RDONLY|O_NDELAY|O_LARGEFILE|O_CLOEXEC|O_DIRECTORY) = 7
16589: open64("/etc/sudoers.d/svc-system-config-user", O_RDONLY) = 7
16589: open("/lib/libpam.so.1", O_RDONLY) = 7
16589: open("/etc/pam_debug", O_RDONLY) Err#2 ENOENT
16589: open("/dev/conslog", O_WRONLY|O_TPDSAFE) = 7
User root may run the following commands on sopc-sp-v01:
(ALL) ALL
root@sopc-sp-v01:~# cat /etc/sudoers
sudoers sudoers.d/
root@sopc-sp-v01:~# cat /etc/sudoers.d/svc-system-config-user
sam ALL=(ALL) ALL
root@sopc-sp-v01:~#
root@sopc-sp-v01:~# egrep ADMINS /etc/sudoers
# User_Alias ADMINS = millert, dowdy, mikef
User_Alias ADMINS = janderson, sam, janderson_adm, sam_adm
ADMINS ALL=(ALL) NOPASSWD: ALL
root@sopc-sp-v01:~#
root@sopc-sp-v01:~# vi /etc/sudoers.d/svc-system-config-user
root@sopc-sp-v01:~# cat /etc/sudoers.d/svc-system-config-user
root@sopc-sp-v01:~#
root@sopc-sp-v01:~# logout
No comments:
Post a Comment