[techtalk] nmap and sudo
Almut Behrens
almut_behrens at yahoo.com
Sat Jul 28 21:01:19 EST 2001
On Sat, Jul 28, 2001 at 10:27:22AM +0000, Subba Rao wrote:
>
> I am trying to use nmap as a regular user. So I have added the following entry
> into the sudoers file:
>
> subba9 myhost = PASSWD: /sbin/ifconfig, /usr/local/bin/nmap
>
> Nmap complains that I need to be logged on as root user. So I modified sudoers
> with the following entry to run nmap with root user privileges:
>
> subba9 myhost = PASSWD: /sbin/ifconfig, (root) /usr/local/bin/nmap
>
> Nmap still continues to give the following error messages:
>
> -----------------------------------------------------------------------
> (0)subba9 at myhost:~ => nmap -sS -O localhost
you've just forgotten to put 'sudo' in front of the command you want
to run :)
$ sudo nmap -sS -O localhost
(In case you haven't just forgotten, and are wondering why the system
doesn't know by itself, here's the reason:
The shell would have to parse the sudoers file for *every* command
issued (or keep the parsed contents of the file in memory) to be able
to tell which commands to run via the suid wrapper (i.e. sudo). This is
an overhead one wants to avoid...)
BTW, you shouldn't need to specify the user (root), as it's the default.
Also, if you don't want to be asked for the password, you can use the
keyword NOPASSWD -- just in case you didn't know already...
Cheers,
Almut
More information about the Techtalk
mailing list