[prev in list] [next in list] [prev in thread] [next in thread]
List: macports-users
Subject: Re: Insufficient privileges?
From: Bradley Giesbrecht <pixilla () macports ! org>
Date: 2011-04-28 21:18:42
Message-ID: ED66C9DB-096F-4C27-8E79-DC9E838CDFA8 () macports ! org
[Download RAW message or body]
On Apr 28, 2011, at 12:42 PM, John B Brown wrote:
> Dear Alex,
>
> In the original source for sudo there is a configure condition that must be met \
> for group members;
> "--with-exempt=group no passwd needed for users in this group"
>
> Which condition do you think Apple set for this? Your group 'sudoers' or 'wheel' \
> or some other condition? I suspect this condition is unset as delivered by Apple.
> Or, possibly, this original configuration is unnecessary? Just a waste of \
> programming space?
> Some errors come from reworking an original program for proprietary motives, and \
> ignoring the original configuration conditions. The group I use for purposes of \
> system maintenance is 'wheel.' The original version includes in a sudoers script;
> "
> # Uncomment to allow people in group wheel to run all commands
> # %wheel ALL=(ALL) ALL
>
> # Same thing without a password
> # %wheel ALL=(ALL) NOPASSWD: ALL
> "
>
> Uncommenting the wheel lines in sudoers using the Apple delivered sudo does not \
> provide NOPASSWD action for group 'wheel.' Compiling original source with \
> '--with-exempt=wheel' provides wheel with NOPASSWD action. Under that condition \
> /etc/sudoers seems to work correctly. Apples compile seems not to provide that \
> correct action.
> Myself, I don't use those 'wheel' lines in sudoers. I set my user for the second \
> condition above. That way, as member of group wheel, I get to use sudo without a \
> password because I compile sudo source using --with-exempt=wheel. Otherwise, I will \
> be asked for a password.
> Or maybe its an Apple OS group permissions thing and mine are not correctly set?
John, I don't have this NOPASSWD issue. Did you add yourself to the wheel group?
pillbox:pixilla brad$ sudo which sudo
/usr/bin/sudo
pillbox:pixilla brad$ sudo grep -E "^%wheel" /etc/sudoers
%wheel ALL=(ALL) NOPASSWD: ALL
pillbox:pixilla brad$ dscl localhost -read /Local/Default/Groups/wheel | grep \
GroupMembership
GroupMembership: root brad
Regards,
Bradley Giesbrecht (pixilla)
_______________________________________________
macports-users mailing list
macports-users@lists.macosforge.org
http://lists.macosforge.org/mailman/listinfo.cgi/macports-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic