Home / server / Questions / 92893
Accepted
mrduclaw
Asked: 2009-12-10 22:35:41 +0800 CST

sudo without password?

  • 772

Some strange things are happening with my Ubuntu box today as a regular (non-root user):

  • As soon as I log in, I can sudo without typing my password (normally, I believe I always have to type my password to sudo?)
  • When I type cd ~, it tells me that I don't have permission to go to /root.
  • Similarly, my bash prompt displays something like: user@host:/home/username instead of the more familiar user@host:~ that I'm used to.
  • None of my profiles seem to be set up correctly anymore, everything seems to be thinking that my home directory is /root.
  • Because of the previous bullet, I can't do things like run screen because it can't write a new profile in the /root directory.

It's probably useful to know that cating /etc/passwd shows that my user's home is /home/user and not /root.

I did just do a big apt-get upgrade, is this normal behavior for the new versions of my software? rkhunter reports some suspicious files, but they appear to have been there for awhile and seem legitimate (they look to be files related to Request Tracker). I can post the rkhunter logs if that helps anyone and is prudent. And chkrootkit shows up with nothing. Also unhide doesn't seem to notice anything. The only thing that rkhunter seems to be concerned about is my versions of openssl, openssh, php, GnPG. But doing a

sudo apt-get update; sudo apt-get upgrade; sudo apt-get dist-upgrade

Gives me no packages to upgrade.

Anyone have anything to suggest for how to fix this? Bonus points to anyone that can determine the cause of my problem.

UPDATE: As I said above, my /etc/passwd shows my home directory to be correct (/home/username), but when I echo $HOME it shows /root. Here's output:

user@hostname:/home/user$ getent passwd $USER
user:x:1000:1000:user,,,:/home/user:/bin/bash
user@hostname:/home/user$ echo $HOME
/root

UPDATE UPDATE: Thanks to suggestions here, I found that there was a .profile in /home/user that was exporting my HOME as /root. While I guess this is the work of some weird software I apt-get'd removing it seems to have fixed most of my issues.

Thanks everyone!

linux

3 Answers

  1. Best Answer
    $ id
$ echo $HOME
$ getent passwd $USER

    Sounds like $HOME is incorrect, which is interesting. If this is happening at login, look at what is in the system accounts database for your account, which is what the second command does. Typically/historically, this db is /etc/passwd and on modern Linux, there will be /etc/shadow too.

    Partly, the sudo sounds like your uid has been set to 0, which would be strange. Don't do that, it means your account is root, just with a different name, which makes your account just as dangerous if misused. If this has happened, then you have some cleanup work ahead of you. Do not do { sudo vipw } because you risk not being able to sudo again, depending on ownership of various configs, so you then could not fix the permissions. Instead { sudo -i } to effectively log in as root, then use { vipw } and then use a { chown -R ... } to reset ownerships.

    • 4

  2. I may be wrong, but here is what I think 1) No password is resquested when sudoing : your default shell might be sudo in place of bash. Check it in /etc/passwd, 2) Unable to go to /root : check the rights of that folder, and if needed chmod u+x it, 3) In sudo mode that's pretty normal, 4) It's related to 1)

    As I wrote, that's only suggestions. But here are some explaination of why. The uid and gid are not the effective uid and effective gid. When you sudo, you just change the uid/gid but not the effectives ones. Another suggestion for being able to go to /root : try sudo bash

    • 1

  3. You can edit your visudo for restore sudo password request when deploying

    In terminal: visudo

    You should edit this line:

    %sudo ALL=NOPASSWD: ALL

    And

    ALL=NOPASSWD:ALL
    • 0