Visudo changes not working until I exit the editor (CentOS) [closed]
This is a basic exercise in my unix course.
The instruction is as follows:
- Terminal 1: As root user run
visudo - Terminal 1: Comment out the line
%wheel ALL=(ALL) ALL - Terminal 1: Save with :w and DO NOT exit visudo
- Terminal 2: Login as a regular user
- Terminal 2: Execute
sudo ls - Terminal 2: You should get an error that says something like "username is not in sudoers list"
Note: The regular user is already a member of the wheel group
The issue is that, I'm not getting the not in sudoers list error until I exit visudo in Terminal 1.
What makes this more confusing is that, for some people in my program, they were able to get the error without exiting visudo in Terminal 1.
Is there any setting that makes this behavior different in our machines?
Solution 1:
The command visudo does not directly edit the /etc/sudoers or fragments under /etc/sudoers.d/.
Instead it makes a temp copy of the file, opens your default editor to modify that temporary file. When you exit (not save) visudo will run a syntax check on the new version of the configuration file. If your syntax is valid, it will be copied back to the original location.
This whole validation process is in place as an attempt to prevent you from trashing your system and making it impossible to manage. If you are really brave, or unwise, you could just directly edit the sudoers file using your favorite editor. If you do that, as soon as you save, your changes will apply. Just don't make any errors if you do that, or you may be SOL.
As for what is going on with your application. I don't know, you really haven't provided enough information on that aspect of your problem for me to make any guesses.