sudo still ask for password when NOPASSWD is used

security unix linux sudo

I read all sudo posts on serverfault, but I still cannot figure out what I'm doing wrong. Normally I finally find the solution but not this time :

I want apache user to be able to execute this command as user "hremotessh" :

sudo /home/hremotessh/scripts/redirect.sh 8892 8893

Therefore I added this in visudo :

apache ALL=(hremotessh) NOPASSWD: /home/hremotessh/scripts/redirect.sh

But sudo is still asking the password ?

sudo /home/hremotessh/scripts/redirect.sh
[sudo] password for apache:

I tried this, but not better :

sudo -u hremotessh /home/hremotessh/scripts/redirect.sh
hremotessh is not in the sudoers file.  This incident will be reported.

Any idea would be warmly welcomed :-)

Denis


Unless you want to run the command as root you need to specify the username, so 

 su - apache -s /bin/bash 
 sudo -u hremotessh /home/hremotessh/scripts/redirect.sh 8892 8893

is the correct syntax to test the sudo command.

Since you're not prompted for the apache user's password sudo seems to be configured correctly.

The resulting warning: hremotessh is not in the sudoers file. indicates that another sudo command is used in the redirect.sh script. And there's no (valid) sudo policy for that user.

Related

Retrieve Information from Cisco router in Parsable Manner
Site-to-Site IPsec vpn not sending ping across a tunnel
Joining a Linux host to Active Directory unattended
VMware FT, App HA: What happens if vCenter Server is offline?
Best way to secure Kickstart encrypted partition passwords
Can I force a Windows Server 2008 DNS Conditional Forwarder to use TCP Only?
every minute - possible SYN flooding on port 80
How to reload environment variables file in a running Docker container
Will a SSD storage perform like a magnetic for small root volumes in AWS EC2?
Virtualising a VERY legacy app
Load Balancing RDS (in AWS)
How to correctly configure DNS usage in Ubuntu? Authoritative answers without RA flag are ignored