9 Replies Latest reply: Jun 24, 2006 10:14 AM by Steve Friend1
Steve Friend1 Level 1 Level 1 (20 points)
Hi there,
I'm a bit of a Unix noob and I've hit a problem. It seems like when I'm using the Terminal sudo doesn't work. For instance if I want to copy/make a back up of the crontab file in /private/etc I use sudo cp crontab crontab.bak. I'm then ask for my admin password which I give, but the response is 'Sorry, try again', 3 times until the message 'sudo: 3 incorrect password attempts' is shown.

I am certain the password is right because I use it (with my admin user name) to authenticate certain things when I'm using the GUI front end of OSX (for instance dropping an app into the applications folder).

Sorry if this is a really stupid question, but I'm sure this used to work and now it doesn't.

Thanks,
Steve

G5 Dual 1.8 GHz PPC, Mac OS X (10.4.6), 2GB RAM
  • andfarm Level 2 Level 2 (415 points)
    You talk about an "admin account". Is this the same as the account you're currently logged in under?
  • Steve Friend1 Level 1 Level 1 (20 points)
    no it's not. I have two accounts, my day to day one which is not an admin account and my admin account.

    Thanks,
    Steve
  • Mario_MM Level 3 Level 3 (745 points)
    Hi Steve,

    I am not sure what you did, but maybe it is helpful to know that sudo only works for an "administrator" (at least if you didn't modify some system config files).

    A normal user account has insufficient privileges to execute sudo, actually beeing allowed to "sudo" is what makes you an administrator. Administrators are members of the group "admin" and members of this group are allowed to execute sudo. In order to check to which groups you belong use the command "id" in the terminal.

    Mario
  • LittleSaint Level 4 Level 4 (2,900 points)
    ...actually beeing allowed to "sudo" is
    what makes you an administrator.


    Not really. Any account can be given "sudoers" rights. Apple just chose the admin group as the default. Being in the admin group in NetInfo is what makes you an admin.


    Steve -

    What you can do is su to your admin account and then use sudo.

    user$ su adminUser
    Password:
    adminuser$ sudo -s
    Password:
    root#_


    PowerBook G4 Mac OS X (10.4.5)
  • Mario_MM Level 3 Level 3 (745 points)
    ot really. Any account can be given "sudoers"
    rights. Apple just chose the admin group as the
    default. Being in the admin group in NetInfo is what
    makes you an admin.


    As I wrote, this is the case for unmodified system files. It doesn't help you if your are in the admin group and not being mentioned in /etc/sudoers.

    I don't assume the OP has a modified system.

    Mario
  • LittleSaint Level 4 Level 4 (2,900 points)
    The point I was making is that sudoers does not define admins on the system. There is a lot of admin functionality that has nothing to do with sudo. In fact, most of the administrative functions (at least the GUI based ones) are handled by /etc/authorization. So, conceivably you could not have any sudoers rights and still administrate a system. I do understand that on a default system the admin group has full sudoers rights, so it could be assumed the two are tied together. However, the two really have nothing to do with each other.
  • Mario_MM Level 3 Level 3 (745 points)
    Yes, but since we were talking about sudo, we obviously didn't discuss GUI based administrative tasks.

    Mario
  • andfarm Level 2 Level 2 (415 points)
    Okay. Unless you want to mess around with the /etc/sudoers file (which is dangerous, and kind of defeats the purpose of having a non-admin account), you'll have to be logged in as an administrator to use sudo from the terminal.
  • Steve Friend1 Level 1 Level 1 (20 points)
    Thanks all for the input - problem solved and at least now I understand a little more about users in Unix!

    Cheers,
    Steve