Download | Devuan.org | Git | Bugs | Packages

The officially official Devuan Forum!

You are not logged in.

Pages: 1

#1 Yesterday 12:44:41

gipi
Member
Registered: 2020-06-03
Posts: 18  

[SOLVED] Shutdown without being prompted for sudo password

I am using openbox and Excalibur, and I can't figure out how to execute /usr/sbin/shutdown without being prompted to input a password. I have edited visudo to look like this:

# User privilege specification
root ALL=(ALL:ALL) ALL
myusername ALL=(ALL)ALL
myusername ALL=(ALL) NOPASSWD: /usr/sbin/shutdown

#Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL

but still when I, logged in as myusername, type 'sudo /usr/sbin/shutdown -h now' I need to give a password. What am I missing? This wasn't an issue on daedalus.

Offline

#2 Yesterday 13:13:58

RedGreen925
Member
Registered: 2024-12-07
Posts: 290  

Re: [SOLVED] Shutdown without being prompted for sudo password

What am I missing?

Appears you have it formatted incorrectly. This what I use forit with a file in the sudoers.d directory to tell it the settings to use, it works flawlessly.

root@9600k:~# cat /etc/sudoers.d/zeus
# User privilege specification
zeus    ALL=(ALL:ALL) NOPASSWD: ALL

And you do not to be in the sudo group to use it this way.

zeus@9600k:~$ groups
zeus cdrom floppy audio dip video plugdev users netdev bluetooth lpadmin scanner
zeus@9600k:~$ fdisk -l
fdisk: cannot open /dev/nvme1n1: Permission denied
fdisk: cannot open /dev/nvme0n1: Permission denied
fdisk: cannot open /dev/sda: Permission denied
fdisk: cannot open /dev/sdb: Permission denied

zeus@9600k:~$ sudo fdisk -l
Disk /dev/nvme1n1: 476.94 GiB, 512110190592 bytes, 1000215216 sectors
Disk model: SPCC M.2 PCIe SSD                       
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: CBEC129E-0D94-4784-A2DC-3E5F15FBF4C3

Device             Start        End   Sectors   Size Type
/dev/nvme1n1p1      2048     411647    409600   200M EFI System
/dev/nvme1n1p2    411648   84297727  83886080    40G Linux filesystem
/dev/nvme1n1p3  84297728  252069887 167772160    80G Linux filesystem
/dev/nvme1n1p4 252069888 1000215182 748145295 356.7G Linux filesystem

Disk /dev/nvme0n1: 3.64 TiB, 4000787030016 bytes, 7814037168 sectors
Disk model: CT4000P3SSD8                            
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 9DF2CDC4-F766-486D-AA06-ADDFBAEF6A1C

Device              Start        End    Sectors  Size Type
/dev/nvme0n1p1       2048     411647     409600  200M EFI System
/dev/nvme0n1p2     411648   84297727   83886080   40G Linux filesystem
/dev/nvme0n1p3   84297728  252069887  167772160   80G Linux filesystem
/dev/nvme0n1p4  252069888 1594247167 1342177280  640G Linux filesystem
/dev/nvme0n1p5 1594247168 7814035455 6219788288  2.9T Linux filesystem

Disk /dev/sda: 447.13 GiB, 480103981056 bytes, 937703088 sectors
Disk model: MKNSSDE3480GB   
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: D4AAE03C-25EB-4FF0-BA58-E541CA6CDD77

Device         Start       End   Sectors   Size Type
/dev/sda1         40    409639    409600   200M EFI System
/dev/sda2     409640  84295719  83886080    40G Linux filesystem
/dev/sda3   84295720 235046911 150751192  71.9G Linux filesystem
/dev/sda4  235046912 937177087 702130176 334.8G Linux filesystem

Disk /dev/sdb: 5.46 TiB, 6001175126016 bytes, 11721045168 sectors
Disk model: WDC WD60EZRZ-00G
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disklabel type: gpt
Disk identifier: 8057E6FD-95D1-4FAA-A427-E687AB7F0423

Device     Start         End     Sectors  Size Type
/dev/sdb1   2048 11721045134 11721043087  5.5T Linux filesystem

Offline

#3 Yesterday 13:31:28

steve_v
Member
Registered: 2018-01-11
Posts: 634  

Re: [SOLVED] Shutdown without being prompted for sudo password

RedGreen925 wrote:
zeus    ALL=(ALL:ALL) NOPASSWD: ALL

Sure, if the goal is to completely negate any security benefit of sudo and make 'zeus' effectively root. The OP is trying to match a specific command, not allow everything under the sun.

gipi wrote:

What am I missing?

Possibly the incomplete host specification... Testing

Last edited by steve_v (Yesterday 13:35:18)

Once is happenstance. Twice is coincidence. Three times is enemy action. Four times is Official GNOME Policy.

Offline

#4 Yesterday 13:38:57

rolfie
Member
Registered: 2017-11-25
Posts: 1,403  

Re: [SOLVED] Shutdown without being prompted for sudo password

I would give this a try:

myusername ALL=(root) NOPASSWD: /usr/sbin/shutdown

Offline

#5 Yesterday 13:39:57

steve_v
Member
Registered: 2018-01-11
Posts: 634  

Re: [SOLVED] Shutdown without being prompted for sudo password

steve ALL=(ALL) NOPASSWD: /usr/sbin/shutdown

Works fine here (excalibur):

$ sudo shutdown -k now

Broadcast message from root@damnation (pts/2) (Sun Feb  8 02:38:31 2026):

The system is going down to maintenance mode NOW!

Broadcast message from root@damnation (pts/2) (Sun Feb  8 02:38:31 2026):

The system is going down to maintenance mode NOW!

Shutdown cancelled.

/usr/sbin/shutdown is the realpath to the shutdown binary on your system, right? No symlink shenanigans or anything?

Last edited by steve_v (Yesterday 13:46:40)

Once is happenstance. Twice is coincidence. Three times is enemy action. Four times is Official GNOME Policy.

Offline

#6 Yesterday 13:52:36

ralph.ronnquist
Administrator
From: Battery Point, Tasmania, AUS
Registered: 2016-11-30
Posts: 1,591  

Re: [SOLVED] Shutdown without being prompted for sudo password

the man page wrote:

When multiple entries match for a  user,  they  are  applied  in  order. Where  there  are multiple matches, the last match is used (which is not necessarily the most specific match).

In your case it looks like

%sudo ALL=(ALL:ALL) ALL

is the last matching entry, at least when the shutdown user is in the sudo group.

Online

#7 Yesterday 14:41:00

steve_v
Member
Registered: 2018-01-11
Posts: 634  

Re: [SOLVED] Shutdown without being prompted for sudo password

Nice, that'd do it... And learn me for focusing on the specific line rather than looking at the whole code block.
Can replicate the OPs problem here if there's another match later in the file (or in /etc/sudoers.d/*, since '@includedir /etc/sudoers.d' appears to be the last entry in a default install).

Aside, if there's a prize for most intimidatingly dense man page, I'm pretty confident 'sudoers' is a strong contender. tongue

Last edited by steve_v (Yesterday 14:43:25)

Once is happenstance. Twice is coincidence. Three times is enemy action. Four times is Official GNOME Policy.

Offline

#8 Yesterday 21:42:27

gipi
Member
Registered: 2020-06-03
Posts: 18  

Re: [SOLVED] Shutdown without being prompted for sudo password

Thanks ralph.ronnquist, that did it. Editing visudo so that its like this:

%sudo ALL=(ALL:ALL) ALL
myusername ALL=(ALL:ALL) NOPASSWD: /usr/sbin/shutdown

did the job. I.E. the specific override must be after the %sudo line.

Offline

Pages: 1

Board footer

Forum Software