sudoers ?

F

flugopa

Verbindung mit root = OK, aber user1 nicht.
Warum?


Unter root = OK
Code:
[root@PC1600 ~]# mount.cifs //PC2400/netlogon /home/user1/pc2400 -o user=user1
Password: 
[root@PC1600 ~]# mo
/dev/sda2                       on  /                         type  ext3         (rw)
proc                            on  /proc                     type  proc         (rw)
sysfs                           on  /sys                      type  sysfs        (rw)
devpts                          on  /dev/pts                  type  devpts       (rw,gid=5,mode=620)
/dev/sda6                       on  /home                     type  ext3         (rw)
/dev/sda5                       on  /usr/local                type  ext3         (rw)
/dev/sda1                       on  /boot                     type  ext3         (rw)
tmpfs                           on  /dev/shm                  type  tmpfs        (rw)
none                            on  /proc/sys/fs/binfmt_misc  type  binfmt_misc  (rw)
sunrpc                          on  /var/lib/nfs/rpc_pipefs   type  rpc_pipefs   (rw)
nfsd                            on  /proc/fs/nfsd             type  nfsd         (rw)
pc2400.netzwerk.local:/PLATTE2  on  /PC2400                   type  nfs          (ro,addr=192.168.1.10)
/dev/ram0                       on  /mnt/rd                   type  ext2         (rw)
//PC2400/netlogon               on  /home/user1/pc2400        type  cifs         (rw,mand)

mit user=user1
Code:
[user1@PC1600 ~]$ mount.cifs //PC2400/netlogon ~/pc2400 -o user=user1
bash: mount.cifs: command not found
[user1@PC1600 ~]$ /sbin/mount.cifs //PC2400/netlogon ~/pc2400 -o user=user1
Password: 
mount error 1 = Operation not permitted
Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)


sudoers
Code:
[root@PC1600 ~]# less /etc/sudoers 
[root@PC1600 ~]# cat /etc/sudoers 
# Host_Alias     FILESERVERS = fs1, fs2
# Host_Alias     MAILSERVERS = smtp, smtp2

## User Aliases
## These aren't often necessary, as you can use regular groups
## (ie, from files, LDAP, NIS, etc) in this file - just use %groupname 
## rather than USERALIAS
# User_Alias ADMINS = jsmith, mikem

## Command Aliases
## These are groups of related commands...

## Networking
Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool

Cmnd_Alias RSYNCER = /usr/bin/rsync

## Installation and management of software
Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum

## Services
Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig

## Updating the locate database
Cmnd_Alias LOCATE = /usr/sbin/updatedb

## Storage
Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount

## Delegating permissions
Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp 

## Processes
Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall

## Drivers
Cmnd_Alias DRIVERS = /sbin/modprobe

# Defaults specification
#
# Disable "ssh hostname sudo <cmd>", because it will show the password in clear. 
#         You have to run "ssh -t hostname sudo <cmd>".
#
Defaults    requiretty
Defaults    env_reset
Defaults    env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \
                        LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \
                        LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \
                        LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \
                        LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \
                        _XKB_CHARSET XAUTHORITY"

## Next comes the main part: which users can run what software on 
## which machines (the sudoers file can be shared between multiple
## systems).
## Syntax:
##
##      user    MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere 
root    ALL=(ALL)       ALL

## Allows members of the 'sys' group to run networking, software, 
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS

## Allows people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL

## Same thing without a password
%wheel  ALL=(ALL)       NOPASSWD: ALL
# %GRP_USERS    ALL=(ALL)       NOPASSWD: ALL

## Allows members of the users group to mount and unmount the cdrom as root
%users localhost=/sbin/mount /mnt/cdrom
%users localhost=/sbin/mount.cifs /sbin/umount.cifs

## Allows members of the users group to shutdown this system
%users  localhost=/sbin/shutdown -h now

# %GRP_USERS ALL = /sbin/mount, /sbin/mount.nfs NOPASSWD: ALL


Code:
[root@PC1600 ~]# grep user1 /etc/group
wheel:x:10:root,user1
user1:x:506:

[root@PC1600 ~]# grep user1 /etc/passwd
user1:x:500:506::/home/user1:/bin/bash

Ich glaube ich habe Tomaten auf den Augen, weshalb ich den Fehler nicht sehe.
 
wenn du schon so schoen die sudoers vorbereitet hast, wieso mountest du dann ohne sudo?
 
Aus ~ mach den absoluten Pfad, klatsch das sudo vor den Aufruf (siehe Rvg) und ab die Post.
 
wenn du schon so schoen die sudoers vorbereitet hast, wieso mountest du dann ohne sudo?

Oh Mann oh Mann, es gibt Tage da steht vor dem Tor...

Du hast Recht:
Code:
sudo /sbin/mount.cifs //PC2400/homes ~/pc2400/ -ouser=$USERNAME nospec
 

Ähnliche Themen

NGINX bietet intern abgerufene Seiten nur zum Download an, extern geht's

Dovecot: Geteilte Postfächer (Shared Mailboxes) funktionieren nicht

Nginx als Reverse Proxy für Nextcloud und Emby

Zugriff Ubuntu 16.04. auf Freigabe 18.04. LTS nicht möglich

Adressvergabe in anderen Subnets

Zurück
Oben