|
Sudo without being admin
I would like to use the SUDO command without being admin. Mainly to start PHP and mySQL from a non admin account.
When I attempt to use SUDO from a non-admin account Unix tells that this can only be done if my account is in the "sudoers" list. How can I add an account to the "sudoers" list without making the account Admin in OS X? Is there another way of letting a non admin account start PHP and mySQL without SUDO? Thanks |
you need to use visudo
or if you don't like vi, who could like it? use export EDIT=pico; visudo I think that's it, or maybe export EDIT=visudo; pico Then add the desired user name to the list EDIT: OK, I looked up the correct syntax. export EDITOR=pico; visudo you can replace pico with your favorite editor |
/etc/sudoers is the file to edit. I suggest reading the sudoers man page to limit what you allow these people to do. Just copying what is in /etc/sudoers gives these people quasi-root on your machine. Bad idea jeans, my friend.
|
Re: Sudo without being admin
Quote:
su admin (supply admin password) sudo command_to_start_PHP (supply password again) exit (now you are back as your regular user id) |
Edit /etc/sudoers:
sudo visudo Note: visudo requires familiarity with the vi editor. If you desire to use another editor, you have to do something like the following (tcsh): setenv EDITOR /usr/bin/pico sudo visudo --with-env-editor In the file, you can grant specific users privileges to run a command as root under the RunAs section, or to run the command as root without providing a password: username ALL=(root) /sbin/ifconfig username ALL=NOPASSWD: /sbin/ifconfig You can also create command groupings for ease of administration: Cmnd_Alias INTERNET = /sbin/ifconfig, /sbin/ipfw, /usr/sbin/sshd %admin ALL = INTERNET |
don't feel comfortable
Hello,
Thanks for the feed-back, but as someone stated sudoers is a file that requires attention. For this reason I am very uneasy about editing the file with some pre-historic editor I last saw when I was at college (some time ago). I tried the sudo admin, but that requires knowing the admin password. Where do I find this, I installed 10.3 recently on my mac, it never asked me to define the password. So I suppose some standard default (which i do not know) has been set by apple. Comming to think of it, I actually need to start php and mysql only when I log as a user I specifically setup to create web pages. Is there a way to place the startup commands in some startupo script of a user? All help welcome. |
Re: don't feel comfortable
Quote:
There's two different commands, sudo and su. Hayne's post said: Quote:
su gene (and then enter gene's password at the prompt.) then type sudo command_to_start_PHP and enter gene's password again. The command su is (roughly) substitute user--it allows you to do something as some other user. sudo on the other hand, is roughly super-user-do, it allows you to perform commands as the super user, or root. (And yes, before any Unix experts complain, I know that sudo can also be substitute-user-do and allow you to perform commands as other people.) Obviously, to do this, you still need to know an admin user's password, which is tantamount to being an admin user. Gatorparrots advice allows you to do what you originally asked-- use sudo without being an admin user. After all this, I can't help but wonder why you are dead set on not using an admin account for starting php and MySQL. Trevor |
Re: don't feel comfortable
Quote:
If you didn't provide a password, login as this first user and go to System Preferences -> Accounts and define a new password for the admin user. You can then use this username and password for su and sudo. IMHO, you should never leave an administrator account un-passworded. If your machine is administered by someone other than yourself and you don't have access to the admin account details, you will have to contact the administrator of your machine and have them help you out. Hope this helps? |
Ok,
Thanks for all your feed-back but I think I will call it quits. Maybe this is not obvious, my Mac is a household computer. It is not an integral part of the BCP of some multinational. Whether I have passworded admin is not really the issue. If a thief gets into my house he will WALK away with my computer, passworded or not, reformat the disk and be happy. I would like to have PHP and mySQL start in an account that is not admin. Does anyone know how to do this? Ideally automatically at every system startup. This way I will not have to memorize any of these obtuse unix commands. After all I have a mac - which was designed for computer illeterates - and not a windows-pc! Thanks anyway. |
Well, don't start getting too frustrated; people are trying to help you and it's a little hard to psychically guess the situation you're in until you tell it to us.
I have two small pieces of advice: 1) if you're going to run php and mysql you're also going to need to invest a little time in learning some Unix. You may as well approach it with a positive attitude. 2) If you're planning on using that Mac for any length of time you should know how to use an admin account. Setup a new one for yourself, that you know the password for. There's a nice brief section in the Help system that explains how to do this. Search for 'admin.' Best of luck! :) |
Hello,
Ok guru's. I installed os 10.3.0. It comes with an admin account (not the one I created when I installed) but a standard unix one. What is its password? I already have an account with admin privileges, indeed it is the one created when I installed os 10.3.0. As this is a home computer, I see no need to create a second one. Now, all this started because PHP, or mySQL, honestly I don't remember suddenly indicated I needed to insert my account with admin privileges (the one created at install time) had to be in sudoers list. The finality is, I don't care about passwords, I don't care which account has admin, etc. How can I setup PHP and mySQL to startup automatically at machine startup? Know unix? I leave that open, but I emphasize the fact I have a mac, this is the UNIX - for newcomers forum. So I would have hoped feed-back would not have been paternalistic and focused on "passwords". Again, How can I setup PHP and mySQL to startup automatically at machine startup? :confused: |
Quote:
Quote:
And note that PHP is something that (usually) functions within the Apache web server, so there is nothing to be done to start it up. |
Quote:
|
The simple answer
Install these:
http://www.serverlogistics.com/mysql.php http://www.serverlogistics.com/php4.php http://www.serverlogistics.com/apache2.php (Each comes with a StartupItem to automatically start the respective daemon at boot.) |
Hello,
Thanks for the last thread with the links. I had worked my self to the same solution for mySQl, now for PHP. Which matter of fact, does not start automatically. Why? I do not know. As per the purveyours of passwords. My Mac is not connected to the web. And if indeed passwords are a thing we all must deal with, that was not the subject of this thread. Hence my position. Indeed, the real problem behind my sudoers question was quite different. But the sudoers list issue was exactly what unix told me when I tried to launch apache using sudo /usr/sbin/apachectl start. thats why I raised that question. |
PHP doesn't start, apache does.
v |
Quote:
|
Hello,
Good point, Php does not start Apache does. Now that you have made your point and clearly inderlined the fact that I do not make the difference between PHP and Apache. Tell me, How do you start Apache (or whaterver is needed) to have PHP web pages working on the Mac? Concerning the vi editor. The methods indicated to date require too much unix in my eyes. For those that do not know vi there is a simpler solution. Make a symbolic link to the unix directories that are not visible, then use the Finder to browse to the relevant file and edit it using any editor you are familiar with under the Mac GUI. To make the symbolic link 1. Start a shell 2. cd to your desktop 3. make the alias with ln -s <directory> <alias name> I actually made an alias for /usr and another for /etc. 4. the alias will show up on your desktop 5. Now you can browse all those unix directories that the Finder refuses to show (and contain valuable .ini files to edit). PS. Some structured files, such as sudoers, however will not edit. |
Quote:
And I really wish you'd quit being snide with the people who are volunteering their free time to try to help you. |
Quote:
or... sudo apachectl graceful Quote:
SHIFT+APPLE+G Type in folder name (even hidden folders) edit: found the hint (first comment) |
| All times are GMT -5. The time now is 02:15 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Site design © IDG Consumer & SMB; individuals retain copyright of their postings
but consent to the possible use of their material in other areas of IDG Consumer & SMB.