What type of hardware are you using: Raspberry Pi 3, 4+
What YunoHost version are you running: 12.1.25
How are you able to access your server: The webadmin
SSH
Are you in a special context or did you perform specific tweaking on your YunoHost instance ?: no
Describe your issue
I can’t use sudo without having to enter my password, I’ve tried many different config in sudoers but I’ve ran out of ideas.
Currently if I type
myusername@hostname:~ $ sudo -l
Matching Defaults entries for myusername on hostname:
env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin, env_keep+=NO_AT_BRIDGE,
env_keep+=DPKG_DEB_THREADS_MAX, timestamp_type=global, env_keep+="http_proxy HTTP_PROXY", env_keep+="https_proxy HTTPS_PROXY", env_keep+="ftp_proxy
FTP_PROXY", env_keep+=RSYNC_PROXY, env_keep+="no_proxy NO_PROXY"
User myusername may run the following commands on hostname:
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(root) ALL
The last rule (root) ALL means the NOPASSWD is overriden somewere.
I’ve tried to put the rule for my user in the last line of /etc/sudoers, like this:
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL=(ALL) NOPASSWD:ALL
%sudo ALL=(ALL) NOPASSWD:ALL
admin ALL=(ALL) NOPASSWD:ALL
@includedir /etc/sudoers.d
myusername ALL=(ALL) NOPASSWD:ALL
But this won’t work.
Also I’ve tried:
- commenting out everything else (
(root) ALLis the only rule in this case) - resetting cache/timestamps with
sudo -k/sudo -K - adding myusername to the groups admins/sudo
Some source suggest it is LDAP related but I have no idea how it works or when It was included in Yunohost (the NOPASSWD work well on my RPi4 with the same Yunohost version, and not on my fresh install on RPi 5).
Do you have an idea?
Share relevant logs or error messages
User myusername may run the following commands on hostname:
(ALL) NOPASSWD: ALL
(ALL) NOPASSWD: ALL
(root) ALL
