-environment : Power10 S1024 (9105-42A), AIX 7.2 Tl5 SP8 (05-08-2420)
-issue: Currently, for 12 AIX partitions, multiple commands are configured with sudo (password-free) for one user (username: netadmin). However, only the NIM partition requires a password when execution sudo xxxx command. (Other OSes allow password-free execution of sudo xxxx.)
-Configuration Changes I did:
Added one line (underlined part) for netadmin to the “User privilege specification” section in /etc/sudoers, following the root ALL=(ALL) ALL line (edited using visudo)
##
## User privilege specification
##
root ALL=(ALL) ALL
netadmin ALL=(ALL) NOPASSWD: /HACMP/sbin/logha,/usr/sbin/lsdev,/HACMP/sbin/lssrcha,/HACMP/sbin/moveRG,/usr/sbin/ntpq,/HACMP/sbin/psha,/usr/sbin/shutdown,/HACMP/sbin/snap.sh,/usr/sbin/diag
-Verification Results:
The command I added to sudo execution (ex: “ntpq”) requires prompts for entering the user's password. (After entering the password, it executes normally)
【Log Excerpt】
KNXX2SV1[/]# su - netadmin
$ whoami
netadmin
$
$ export LANG=C
$
$ ntpq -p
ksh: ntpq: cannot execute
$
$ sudo ntpq -p
Password: <=== here is the problem point
$
$ sudo ntpq -p
Password: <=== in case I entered the password, it normally executed
remote refid st t when poll reach delay offset disp
==============================================================================
*KZ854SV001.ad.k 10.16.0.30 6 u 6 64 377 0.99 -0.218 0.17
$
Q. How can I resolve this problem? I'd like to execute the sudo command without password prompt.
Regards,
Sumi Kaneko.