[TriLUG] Help with setuid C wrapper script

Ron Kelley rkelleyrtp at gmail.com
Wed Oct 13 09:25:07 EDT 2010

Thanks Kevin.  This got me 99% there.  After using "sudo" in the command, I got this message:

"sudo: sorry, you must have a tty to run sudo"

After a little googling, I found I needed to add an additional line to /etc/sudoers like this:

Defaults:%rmaint !requiretty

This allows the user "rmaint" to run sudo without a tty.  So, the complete lines in /etc/sudoers include:
Defaults:%rmaint !requiretty
rmaint ALL=(root) NOPASSWD: /usr/bin/tail -100 /var/log/messages, /usr/bin/tail -50 /var/log/secure

Hope this helps someone else...

Really appreciate the help of everyone on the alias!


On Oct 13, 2010, at 9:08 AM, Kevin Hunter wrote:

> At 8:31am -0400 Wed, 13 Oct 2010, Ron Kelley wrote:
>> Thanks for the syntax Jonathan. However, this is what happens when I
>> try to do the command:
>> [root at test-svr1 ~]# ssh rmaint at "tail -100 /var/log/messages"
>> tail: cannot open `/var/log/messages' for reading: Permission denied
> /etc/sudoers is read by the sudo command.  Meaning that the user needs to use sudo.  Try:
> $ ssh rmaint at "sudo tail -100 /var/log/messages"
> Note also that sudo requires the command to match /exactly/.  For instance if you had this in your sudoers file:
> rmaint ALL=(root) NOPASSWD: /bin/ls /var/spool/cron/atjobs/
> Then you would always need that trailing slash or will ask for a password:
> $ sudo ls /var/spool/cron/atjobs
> [sudo] password for rmaint:
> Hope this helps,
> Kevin
> -- 
> This message was sent to: Ron Kelley <rkelleyrtp at gmail.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web	: http://www.trilug.org/mailman/options/trilug/rkelleyrtp%40gmail.com
> TriLUG FAQ          : http://www.trilug.org/wiki/Frequently_Asked_Questions

More information about the TriLUG mailing list