Why doesn't root need the password to run “sudo” even when “NOPASSWD:ALL” isn't written in...
Can somebody explain Brexit in a few child-proof sentences?
Is there an wasy way to program in Tikz something like the one in the image?
Can I Retrieve Email Addresses from BCC?
Golf game boilerplate
Superhero words!
Can the harmonic series explain the origin of the major scale?
Have I saved too much for retirement so far?
Is there a problem with hiding "forgot password" until it's needed?
For airliners, what prevents wing strikes on landing in bad weather?
Taylor series of product of two functions
Can the electrostatic force be infinite in magnitude?
A known event to a history junkie
Calculating the number of days between 2 dates in Excel
Freedom of speech and where it applies
What is the term when two people sing in harmony, but they aren't singing the same notes?
Proving by induction of n. Is this correct until this point?
Word describing multiple paths to the same abstract outcome
The One-Electron Universe postulate is true - what simple change can I make to change the whole universe?
Why does this part of the Space Shuttle launch pad seem to be floating in air?
Reply ‘no position’ while the job posting is still there (‘HiWi’ position in Germany)
How do I repair my stair bannister?
Would it be legal for a US State to ban exports of a natural resource?
Simulating a probability of 1 of 2^N with less than N random bits
How to deal with or prevent idle in the test team?
Why doesn't root need the password to run “sudo” even when “NOPASSWD:ALL” isn't written in /etc/sudoers [duplicate]
2019 Community Moderator ElectionWhy can `root` run any command as any user without providing password?sudo no password breaks other sudo -u usesExecute shell script from php, as root user?How do I get simple scripts which seem to need root priveliges to run via the www-data user?Is it safe to disable password for a user, if it only uses SSH key login?Use current user environment variable in sudoers fileParallels on Mac - can no longer sudo within UbuntuWhat does “ALL ALL=(ALL) ALL” mean in sudoers?Why do I still need to run shutdown as sudo after this?Checking sudoers without root?IPTABLES and sudoers file issue
This question already has an answer here:
Why can `root` run any command as any user without providing password?
2 answers
In /etc/sudoers, there is always:
root ALL=(ALL:ALL) ALL
However, the root user (with UID 0) doesn't need to enter password when they run sudo command.
For other users, a password is required unless their entry contains NOPASSWD or a previous authentication hasn't timed out:
user ALL=(ALL:ALL) NOPASSWD:ALL
^^^^^^^^
linux sudo root
asked 23 hours ago
iBugiBug
1,0181031
marked as duplicate by muru, roaima, msp9011, nwildner, Anthony Geoghegan 15 hours ago
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
add a comment |
This question already has an answer here:
Why can `root` run any command as any user without providing password?
2 answers
In /etc/sudoers, there is always:
root ALL=(ALL:ALL) ALL
However, the root user (with UID 0) doesn't need to enter password when they run sudo command.
For other users, a password is required unless their entry contains NOPASSWD or a previous authentication hasn't timed out:
user ALL=(ALL:ALL) NOPASSWD:ALL
^^^^^^^^
linux sudo root
asked 23 hours ago
iBugiBug
1,0181031
marked as duplicate by muru, roaima, msp9011, nwildner, Anthony Geoghegan 15 hours ago
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
This is a bit weird actually. Even though you'd usually usesudoto run commands as UID 0, and root is already UID 0 and there's nothing to gain by stopping them,sudostill requires the config line forrootto be there. Without it, it tells even root to bugger off.
– ilkkachu
19 hours ago
Cause it isroot. What would you gain runningsudoas root? "Beyond Root"? "Who watch the Watchmen?"
– nwildner
16 hours ago
add a comment |
This question already has an answer here:
Why can `root` run any command as any user without providing password?
2 answers
In /etc/sudoers, there is always:
root ALL=(ALL:ALL) ALL
However, the root user (with UID 0) doesn't need to enter password when they run sudo command.
For other users, a password is required unless their entry contains NOPASSWD or a previous authentication hasn't timed out:
user ALL=(ALL:ALL) NOPASSWD:ALL
^^^^^^^^
linux sudo root
asked 23 hours ago
iBugiBug
1,0181031
This question already has an answer here:
Why can `root` run any command as any user without providing password?
2 answers
In /etc/sudoers, there is always:
root ALL=(ALL:ALL) ALL
However, the root user (with UID 0) doesn't need to enter password when they run sudo command.
For other users, a password is required unless their entry contains NOPASSWD or a previous authentication hasn't timed out:
user ALL=(ALL:ALL) NOPASSWD:ALL
^^^^^^^^
This question already has an answer here:
Why can `root` run any command as any user without providing password?
2 answers
linux sudo root
linux sudo root
asked 23 hours ago
iBugiBug
1,0181031
asked 23 hours ago
iBugiBug
1,0181031
edited 23 hours ago
iBug
asked 23 hours ago
iBugiBug
1,0181031
asked 23 hours ago
iBugiBug
1,0181031
asked 23 hours ago
iBugiBug
1,0181031
1,0181031
marked as duplicate by muru, roaima, msp9011, nwildner, Anthony Geoghegan 15 hours ago
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
marked as duplicate by muru, roaima, msp9011, nwildner, Anthony Geoghegan 15 hours ago
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
This is a bit weird actually. Even though you'd usually usesudoto run commands as UID 0, and root is already UID 0 and there's nothing to gain by stopping them,sudostill requires the config line forrootto be there. Without it, it tells even root to bugger off.
– ilkkachu
19 hours ago
Cause it isroot. What would you gain runningsudoas root? "Beyond Root"? "Who watch the Watchmen?"
– nwildner
16 hours ago
add a comment |
This is a bit weird actually. Even though you'd usually usesudoto run commands as UID 0, and root is already UID 0 and there's nothing to gain by stopping them,sudostill requires the config line forrootto be there. Without it, it tells even root to bugger off.
– ilkkachu
19 hours ago
Cause it isroot. What would you gain runningsudoas root? "Beyond Root"? "Who watch the Watchmen?"
– nwildner
16 hours ago
This is a bit weird actually. Even though you'd usually use
sudo to run commands as UID 0, and root is already UID 0 and there's nothing to gain by stopping them, sudo still requires the config line for root to be there. Without it, it tells even root to bugger off.– ilkkachu
19 hours ago
This is a bit weird actually. Even though you'd usually use
sudo to run commands as UID 0, and root is already UID 0 and there's nothing to gain by stopping them, sudo still requires the config line for root to be there. Without it, it tells even root to bugger off.– ilkkachu
19 hours ago
Cause it is
root. What would you gain running sudo as root? "Beyond Root"? "Who watch the Watchmen?"– nwildner
16 hours ago
Cause it is
root. What would you gain running sudo as root? "Beyond Root"? "Who watch the Watchmen?"– nwildner
16 hours ago
add a comment |
2 Answers
2
active
oldest
votes
sudo allows users to execute commands as UID 0 (or other users) based on how it’s configured. There is no need to ask root for a password to run a command as UID 0, because it already is UID 0.
Furthermore, root can also su to anyone it’d like, so there’s no need to prompt for a password when executing sudo -u user as UID 0.
Note: I do believe there is a PAM setting that will even require root to provide a password for the target user when using su.
answered 23 hours ago
PeschkePeschke
2,841926
add a comment |
While this is an interesting inconsistency. It would be pointless in stopping root, as root has capabilities CAP_SETUID and CAP_SETGID, so does not need sudo. It can do what ever it want.
If sudo is checking root, and not these capabilities, then there may be a latent-bug: root with no capabilities could escalate (I don't know I have not looked at the code, or tested).
answered 22 hours ago
ctrl-alt-delorctrl-alt-delor
12.1k42561
add a comment |
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
sudo allows users to execute commands as UID 0 (or other users) based on how it’s configured. There is no need to ask root for a password to run a command as UID 0, because it already is UID 0.
Furthermore, root can also su to anyone it’d like, so there’s no need to prompt for a password when executing sudo -u user as UID 0.
Note: I do believe there is a PAM setting that will even require root to provide a password for the target user when using su.
answered 23 hours ago
PeschkePeschke
2,841926
add a comment |
sudo allows users to execute commands as UID 0 (or other users) based on how it’s configured. There is no need to ask root for a password to run a command as UID 0, because it already is UID 0.
Furthermore, root can also su to anyone it’d like, so there’s no need to prompt for a password when executing sudo -u user as UID 0.
Note: I do believe there is a PAM setting that will even require root to provide a password for the target user when using su.
answered 23 hours ago
PeschkePeschke
2,841926
add a comment |
sudo allows users to execute commands as UID 0 (or other users) based on how it’s configured. There is no need to ask root for a password to run a command as UID 0, because it already is UID 0.
Furthermore, root can also su to anyone it’d like, so there’s no need to prompt for a password when executing sudo -u user as UID 0.
Note: I do believe there is a PAM setting that will even require root to provide a password for the target user when using su.
answered 23 hours ago
PeschkePeschke
2,841926
sudo allows users to execute commands as UID 0 (or other users) based on how it’s configured. There is no need to ask root for a password to run a command as UID 0, because it already is UID 0.
Furthermore, root can also su to anyone it’d like, so there’s no need to prompt for a password when executing sudo -u user as UID 0.
Note: I do believe there is a PAM setting that will even require root to provide a password for the target user when using su.
answered 23 hours ago
PeschkePeschke
2,841926
answered 23 hours ago
PeschkePeschke
2,841926
answered 23 hours ago
PeschkePeschke
2,841926
answered 23 hours ago
PeschkePeschke
2,841926
2,841926
add a comment |
add a comment |
While this is an interesting inconsistency. It would be pointless in stopping root, as root has capabilities CAP_SETUID and CAP_SETGID, so does not need sudo. It can do what ever it want.
If sudo is checking root, and not these capabilities, then there may be a latent-bug: root with no capabilities could escalate (I don't know I have not looked at the code, or tested).
answered 22 hours ago
ctrl-alt-delorctrl-alt-delor
12.1k42561
add a comment |
While this is an interesting inconsistency. It would be pointless in stopping root, as root has capabilities CAP_SETUID and CAP_SETGID, so does not need sudo. It can do what ever it want.
If sudo is checking root, and not these capabilities, then there may be a latent-bug: root with no capabilities could escalate (I don't know I have not looked at the code, or tested).
answered 22 hours ago
ctrl-alt-delorctrl-alt-delor
12.1k42561
add a comment |
While this is an interesting inconsistency. It would be pointless in stopping root, as root has capabilities CAP_SETUID and CAP_SETGID, so does not need sudo. It can do what ever it want.
If sudo is checking root, and not these capabilities, then there may be a latent-bug: root with no capabilities could escalate (I don't know I have not looked at the code, or tested).
answered 22 hours ago
ctrl-alt-delorctrl-alt-delor
12.1k42561
While this is an interesting inconsistency. It would be pointless in stopping root, as root has capabilities CAP_SETUID and CAP_SETGID, so does not need sudo. It can do what ever it want.
If sudo is checking root, and not these capabilities, then there may be a latent-bug: root with no capabilities could escalate (I don't know I have not looked at the code, or tested).
answered 22 hours ago
ctrl-alt-delorctrl-alt-delor
12.1k42561
answered 22 hours ago
ctrl-alt-delorctrl-alt-delor
12.1k42561
answered 22 hours ago
ctrl-alt-delorctrl-alt-delor
12.1k42561
answered 22 hours ago
ctrl-alt-delorctrl-alt-delor
12.1k42561
12.1k42561
add a comment |
add a comment |
This is a bit weird actually. Even though you'd usually use
sudoto run commands as UID 0, and root is already UID 0 and there's nothing to gain by stopping them,sudostill requires the config line forrootto be there. Without it, it tells even root to bugger off.– ilkkachu
19 hours ago
Cause it is
root. What would you gain runningsudoas root? "Beyond Root"? "Who watch the Watchmen?"– nwildner
16 hours ago