User not in sudoers ... but it is!

Asked Sep 18 '20 at 10:25

Active Sep 18 '20 at 10:25

Viewed 39 times

I am running the following command line:

myuser@server:/var/www/html/folder/htdocs$ php remove.php
myuser is not in the sudoers file.  This incident will be reported.

Within remove.php I run:

exec('sudo -u myuser /usr/bin/wipe '.$main_path.$base.' -f -c -s');

And I've set my sudoers file:

www-data ALL=(myuser) NOPASSWD: ALL

And I've set sudoers to 0440:

-r--r----- 1 root root 838 Sep 18 11:07 sudoers

Why am I told that myuser isn't in the sudoers file when it is?

asked Sep 18 '20 at 10:25

Antony

Are you sure? I don't think the system will lie to you about this. Try sudo adduser yourusername sudo. You have to do this from a user that already has sudo privilege. – Nmath Sep 18 '20 at 10:29
I have run that - gone back to my php script and am still getting the same message. I agree its bizarre that the system shouldn't lie! I'm either missing something obvious or have done something weird – Antony Sep 18 '20 at 10:32
which user executes the php script? – Nmath Sep 18 '20 at 10:35
I'm now running it purely from the command line (outside of PHP) with sudo -u myuser /usr/bin/wipe and its erroring too - same error – Antony Sep 18 '20 at 10:37
usermod -aG sudo myuser and a reboot did the fix :) thanks – Antony Sep 18 '20 at 10:52
AFAIK www-data ALL=(myuser) NOPASSWD: ALL allows user www-data to execute sudo -u myuser somecommand - it does not allow myuser to execute sudo themself. See for example Trying to understand the difference between “modernNeo ALL=(ALL:ALL) ALL” and “modernNeo ALL=(ALL) ALL” in the sudoers file – steeldriver Sep 18 '20 at 11:19

0 Answers0