I am using SunOS 5.10 Generic_147441-24 i86pc i386 i86pc
if i run
which sudo
i get the below
/opt/sfw/bin
when i run "sudo -l" i get the below
User localuser may run the following commands on this host:
(root) NOPASSWD: /sbin/ifconfig
for "visudo"
visudo
-bash: visudo: command not found
also /etc/sudoers file does not exist in the box.
Please help me configure sudo, how it is possible with out the sudoers file.
Perhaps you should have a look at Sun (Oracle) RBAC for accounts, rather than rely on sudo in Solaris? It is unclear from your post why you must use sudo, but if you are not calling sudo from a script, it might be worth your while to read: http://docs.oracle.com/cd/E23824_01/html/821-1456/rbac-1.html
I've never seen the sudo binary exist in /opt, so my first thought would be that your visudo binary is not in your path, or the sudo package you installed does not contain the visudo binary. Either way you may consider downloading the sudo package again and reinstalling.
To see if your visudo binary exists anywhere:
find / -name visudo -print
If you find nothing, remember you do not explicitly need visudo to use sudo -- it's there as a checkpoint for making sure that you do not save and exit a sudoers file that has errors, thus possibly compromising your ability to edit it again or to break sudo for all users on the host.
Also note that /etc/sudoers can start off empty, just fill it in with your sudo rules. For example, to provide sudo all commands on that host for a user without prompting for a password:
userid ALL=(ALL) NOPASSWD: ALL
That particular user ID can run "sudo -l" to list the sudo rules available to it. You could do this even just to test that sudo is in fact working on your host.
You could easily get the location of the sudoers file from sudo binary itself by doing this
cat $(which sudo) | strings | grep /sudoers
Then, you would know what file to modify.
Related
I am runnin OSX 10.9.5 and while trying to reset my MySQL root pasword I typed this:
sudo mysqld_safe --skip-grant-tables
After being asked for the admin password, I got this error :
sudo: mysqld_safe: command not found
I wrote this in
cd /usr/local/mysql
Also, I have a problem with the sudo command, event though I am logged on the admin account my account, It gives me often permission denied, like using this command for basically the same problem ( reseting my root password )
sudo kill cat /usr/local/mysql/data/rodongi.pid
I then got
cat: /usr/local/mysql/data/rodongi.pid: Permission denied
Password:
After entering the password …
usage: kill [-s signal_name] pid ...
kill -l [exit_status]
kill -signal_name pid ...
kill -signal_number pid ...
I have no idea why
1) I dont have the permission even though I used the sudo command( and another time sudo!! )
2) Why msql-bash doesn't not recognise the mysql and mysqld command ( I also tried in terminal-bash;does not work either)
First problem
You're trying to execute the command mysqld_safe, so that command should be on the PATH where the terminal looks for commands. (You can view these locations by running echo $PATH. The different locations are separated with a colon).
Since you're trying to run a file that is in the local directory you should type ./mysqld_safe to tell the shell that you're giving a path to file, otherwise it'll search for it in the PATH. (You can run the file from anywhere by specifying the full path).
Another solution is to make a symbolic link in /usr/local/bin/ that points to /usr/local/mysql/mysqld_safe` (which is the path to the command if I understood you correctly). That way you can run the command from anywhere because it's in the path the shell is looking for.
Second Problem
The cat command surrounded by backticks is executed by the shell before running the sudo command (If the file was readable for everyone the shell will execute something like: sudo kill 12345).
To run the cat as root you should run this command:
sudo bash -c 'kill `cat /usr/local/mysql/data/rodongi.pid`'
That way, you run bash as root, which in turn runs the kill command, and thus reads the rodongi.pid file as root.
I am trying to mount a remote filesystem on Google Container Engine. I am following this tutorial: https://www.digitalocean.com/community/tutorials/how-to-use-sshfs-to-mount-remote-file-systems-over-ssh
Using following sshfs command:
sudo sshfs -o sshfs_debug,allow_other <instance-name>.<region>.<project_id>:/home/<user_name> /mnt/gce-container
I am getting error:
SSHFS version 2.5
read: Connection reset by peer
I referred this link https://cloud.google.com/sdk/gcloud/reference/compute/config-ssh
and could login using ssh via following command:
$gcloud compute config-ssh
$ssh <instance-name>.<region>.<project_id>
Any ideas what might be going wrong here? I can't understand what keys and username should I use for sshfs login.
Update(11/5):
I am using following command:
sshfs -o IdentityFile=~/.ssh/google_compute_engine <user>#<ip>:~/ /mnt/gce`
I have chowned /mnt/gce folder for my user. I checked the IP matches the entry in ~/.ssh/config file. However I still get the error read: Connection reset by peer
The problem with command below is that
1) unless you have a static IP, it keeps changing on machine reboot
2) you need to use .pub file
sshfs -o IdentityFile=~/.ssh/google_compute_engine <user>#<ip>:~/ /mnt/gce
I finally got it working by following command:
sudo mkdir /mnt/gce
sudo chown <user> /mnt/gce
sshfs -o IdentityFile=~/.ssh/google_compute_engine.pub <user_name>#<instance-name>.<region>.<project_id>:/home/<user_name> /mnt/gce
A few things that might be the cause of the problem:
Don't use sshfs as root. It's a FUSE filesystem and meant to be user mounted.
Don't specify a full path as the remote FS. It's SSH, so by default, the $PWD on the remote side is the login user's $HOME.
if ssh works, sshfs will work. The easiest way is to make sure that ~/.ssh/config has an entry for the remote host with the user, port, etc provided.
If you get this from sshfs
read: Connection reset by peer
maybe help to set file to read only
chmod 400 /{{path_to_your_key}}/keypair.pem
and connect again.
I just configured jenkins and in the pre-build steps i am trying to restart jenkins but i end up with the following error
Commencing build of Revision c5b9f8daac092efc5396d80f568a2cf89ae8b697 (origin/HEAD, origin/master)
Checking out Revision c5b9f8daac092efc5396d80f568a2cf89ae8b697 (origin/HEAD, origin/master)
No change to record in branch origin/HEAD
No change to record in branch origin/master
[webapp] $ /bin/sh -xe /tmp/hudson5215632082686866774.sh
+ sudo /etc/init.d/mysql restart
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: 3 incorrect password attempts
Build step 'Execute shell' marked build as failure
Finished: FAILURE
I googled and saw some answers at Jenkins out of nowhere starts failing with sudo: no tty present and no askpass program specified
But unfortunately that didn't help me
My /etc/sudoers looks like this
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
# Members of the admin group may gain root privileges
%admin ALL=(ALL) NOPASSWD: ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
By adding the following:
Defaults:username !authenticate
to your /etc/sudoers
you should not get the error but this username will be accessible without asking for a password
The "no tty present" error indicates that you have the 'requiretty' setting in your sudoers file. In your case, it is probably in /etc/sudoers.d.
Once this line is there, it does not matter what group you are in - sudo will require a tty whenever it is executed.
To get around this, you need to either remove (or comment out) the requiretty line in the configuration file, or add a line to exclude your user from the requiretty setting. You can see how to do that here:
Disable requiretty per user
Please use the "id" command and paste the output. Only if you are in admin group then you don't need password but for all other even though you have access but you need to type the sudo password. In this case sudo doesn't have a tty to ask for the password and hence the error.
One solution could be, don't use sudo only for mysql restart, instead run the entire script as sudo "sudo {your script path}" in this case sudo will have the terminal to ask for the password.
I'm a new fish for hadoop.I installed Ubuntu 12.10 on my computer and I wanna install Hadoop in pseudo-distributed mode on one single node.I searched and get lots of tutorials but I have a problem with the SSH.I did what the tutorial said.
I am sure the problem is about the SSH.I get the openssh-server,and had done this:
hadoop00#WebsoftStation:~$ssh-keygen -t dsa -P "" -f ~/.ssh/id_dsa
hadoop00#WebsoftStation:~/.ssh$cat ~/.ssh/id_dsa.pub >> authorized_keys
Then I can successfully ssh my localhost like this:
hadoop00#WebsoftStation:~$ssh localhost
It worked.
So I changed the path to hadoop and then:
hadoop00#WebsoftStation:/usr/local/hadoop$ sudo bin/start-all.sh
[sudo] password for hadoop00:
starting namenode, logging to /usr/local/hadoop/libexec/../logs/hadoop-root-namenode-WebsoftStation.out
root#localhost's password:
root#localhost's password: localhost: Permission denied, please try again.
So,what's the problem?
You have setup password-less ssh for only your current account. Since, when you can use ssh localhost without any problem, the thing you need to do next is giving execution permission to your scripts.
Execute the following commands:
chmod +x bin/*.sh ---> assigns execution permission to all the scripts
./start.all ----> executes the script
Note: Hadoop can also be run without having password-less ssh setup using hadoop-daemon.sh script. The only advantage with password-less ssh is that, the ./start.all, script will take the trouble of doing that on behalf of you in each of the nodes.
You need to change permissions for your Hadoop folder to be owned by the hadoop00 user:
cd /usr/local/
sudo chown -R hadoop00:hadoop00 /usr/local/hadoop
Then you can cd into the sbin folder and run things without sudo. If you use sudo you're running the scripts as root which has different environment variables etc which is why you have a different behavior.
Why are you using sudo this is clearly a permission problem.
Try running this without sudo
bin/start-all.sh
I need a generic way to install MySQL 5.5 in almost any Linux OS from non-root User. Hence I thought to install MySQL from its source and install it where ever I need.
Is it really possible to install MySQL in non-root user home?
Anybody have any idea for this? Please do share your expertise for the same.
Major constraint here is that, I need to install MySQL 5.5 from any non-root User in a Generic way And possibly for almost any Linux OS.
Any suggestion would be appreciated.
Thanks.
CONCLUSION
I've tried with Ubuntu-11.10, finally I was able to install MySQL-5.5 from non-root user with the constraint that MySQL is not accessible from console/command prompt. As mysqld is up and running fine hence MySQL was easily accessible via any GUI tool which connects to MySQL via JDBC connectors. If you try to access mysql from command prompt using
mysql -u root -p
command it was giving segmentation fault problem. One more thing I tried for Fedora Linux also from Non-Root user, in that mysqld was failing and can't access mysql anyway :( .
You should customize this three variables:
MYSQL_DATADIR
SYSCONFDIR
CMAKE_INSTALL_PREFIX
Example:
$ cd <mysql_src_dir>
$ cmake -i .
Would you like to see advanced options? [No]:Yes
Please wait while cmake processes CMakeLists.txt files....
...
Variable Name: CMAKE_INSTALL_PREFIX
Description: install prefix
Current Value: /usr/local/mysql
New Value (Enter to keep current value): /home/user/mysql
...
Variable Name: MYSQL_DATADIR
Description: default MySQL data directory
Current Value: /usr/local/mysql/data
New Value (Enter to keep current value): /home/user/mysql/data
...
Variable Name: SYSCONFDIR
Description: config directory (for my.cnf)
Current Value: /usr/local/mysql/etc
New Value (Enter to keep current value): /home/user/mysql/etc
$ make
$ make install
Instead of cmake -i . you can use cmake -D MYSQL_DATADIR=/home/user/mysql/data -D SYSCONFDIR=/home/user/mysql/etc -D CMAKE_INSTALL_PREFIX=/home/user/mysql .
I imagine this should be possible but not necessarily easy to do. You would need to build from source and change the Makefile so that the install target points to the user's local directory; additionally, I would think that you'd need to mess around with other default configuration options in MySQL, which can also be changed from configuration files. In the end, you should be able to launch mysqld as long as you don't bind to any port below 1000 (which is the case anyway since MySQL runs by default on port 3306).