ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups

    Why does a command work after sudo su, but not with sudo?

    IT Discussion
    7
    13
    742
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Kelly
      Kelly last edited by

      I'm playing around with ZeroTier on a backup server (running Ubuntu 18.04) I'm deploying for a customer. When I run

      sudo zerotier-cli join ##########
      

      it complains about the authtoken not existing or being readable. It does exist. When I do sudo su before running the same command (sans sudo) it works. Here is the permissions on it set by the installer:

      -rw-------  1 zerotier-one zerotier-one   24 Jun  4 15:40 authtoken.secret
      

      Can y'all educate a Linux newb?

      matteo nunziati 1 Reply Last reply Reply Quote 0
      • coliver
        coliver last edited by

        My guess is that it is running several commands after just zerotier-cli join. Those are run as the current user. When you sudo su you become root so any command is then run in the root context.

        1 Reply Last reply Reply Quote 0
        • scottalanmiller
          scottalanmiller last edited by

          Odd, I swear it works for me. I'll have to double check.

          1 Reply Last reply Reply Quote 0
          • black3dynamite
            black3dynamite last edited by

            It works for me.

            1 Reply Last reply Reply Quote 0
            • matteo nunziati
              matteo nunziati @Kelly last edited by

              @kelly sudo su lets you load part of the root env if I remember correctly.
              Basically sudo lets your user do privileged work.
              Sudo su lets your user become root. And then ezecute code as root.
              This not the same as logging as root but some of the env should be loaded.

              Kelly 1 Reply Last reply Reply Quote 1
              • dbeato
                dbeato last edited by

                Sometimes for me has been the environmental variables (like for zimbra) or like root when you cannot sudo cd to a directory.

                1 Reply Last reply Reply Quote 0
                • Kelly
                  Kelly @matteo nunziati last edited by

                  @matteo-nunziati said in Why does a command work after sudo su, but not with sudo?:

                  @kelly sudo su lets you load part of the root env if I remember correctly.
                  Basically sudo lets your user do privileged work.
                  Sudo su lets your user become root. And then ezecute code as root.
                  This not the same as logging as root but some of the env should be loaded.

                  Is the default account that is created when you set up Ubuntu not root?

                  JaredBusch 1 Reply Last reply Reply Quote 1
                  • Kelly
                    Kelly last edited by

                    Sorry for the lack of follow up yesterday. I was at a client site.

                    1 Reply Last reply Reply Quote 1
                    • JaredBusch
                      JaredBusch @Kelly last edited by

                      @kelly said in Why does a command work after sudo su, but not with sudo?:

                      @matteo-nunziati said in Why does a command work after sudo su, but not with sudo?:

                      @kelly sudo su lets you load part of the root env if I remember correctly.
                      Basically sudo lets your user do privileged work.
                      Sudo su lets your user become root. And then ezecute code as root.
                      This not the same as logging as root but some of the env should be loaded.

                      Is the default account that is created when you set up Ubuntu not root?

                      A root account exists by default, but you you don't populate the root password, it makes a user account with sudo privileges.

                      If you give the root account a password during setup, you can create a user account without sudo I do believe.

                      Is that what you are asking?

                      Kelly 1 Reply Last reply Reply Quote 0
                      • Kelly
                        Kelly @JaredBusch last edited by Kelly

                        @jaredbusch said in Why does a command work after sudo su, but not with sudo?:

                        @kelly said in Why does a command work after sudo su, but not with sudo?:

                        @matteo-nunziati said in Why does a command work after sudo su, but not with sudo?:

                        @kelly sudo su lets you load part of the root env if I remember correctly.
                        Basically sudo lets your user do privileged work.
                        Sudo su lets your user become root. And then ezecute code as root.
                        This not the same as logging as root but some of the env should be loaded.

                        Is the default account that is created when you set up Ubuntu not root?

                        A root account exists by default, but you you don't populate the root password, it makes a user account with sudo privileges.

                        If you give the root account a password during setup, you can create a user account without sudo I do believe.

                        Is that what you are asking?

                        Yes, that answers my question. Just to summarize how I am understanding it from what has been said:

                        • I was logged in with a sudoer, but not root

                        • When I do sudo su I am actually switching to root

                        • Since this is the case the user context was different and my sudoer user account did not have permissions to the file, but in the root user context I would have permissions and thus the command succeeded.

                        Is that all correct?

                        JaredBusch 1 Reply Last reply Reply Quote 0
                        • JaredBusch
                          JaredBusch @Kelly last edited by JaredBusch

                          @kelly said in Why does a command work after sudo su, but not with sudo?:

                          @jaredbusch said in Why does a command work after sudo su, but not with sudo?:

                          @kelly said in Why does a command work after sudo su, but not with sudo?:

                          @matteo-nunziati said in Why does a command work after sudo su, but not with sudo?:

                          @kelly sudo su lets you load part of the root env if I remember correctly.
                          Basically sudo lets your user do privileged work.
                          Sudo su lets your user become root. And then ezecute code as root.
                          This not the same as logging as root but some of the env should be loaded.

                          Is the default account that is created when you set up Ubuntu not root?

                          A root account exists by default, but you you don't populate the root password, it makes a user account with sudo privileges.

                          If you give the root account a password during setup, you can create a user account without sudo I do believe.

                          Is that what you are asking?

                          Yes, that answers my question. Just to summarize how I am understanding it from what has been said:

                          • I was logged in with a sudoer, but not root

                          • When I do sudo su I am actually switching to root

                          • Since this is the case the user context was different and my sudoer user account did not have permissions to the file, but in the root user context I would have permissions and thus the command succeeded.

                          Is that all correct?

                          Generally yes. It is unusual not to have access to something with sudo so more very specific things would need determined.

                          Example, this file is owned by root.

                          [[email protected] ~]$ ls -l /etc/nginx/conf.d/jaredbusch.com.conf 
                          -rw-r--r--. 1 root root 1108 Sep  5  2017 /etc/nginx/conf.d/jaredbusch.com.conf
                          

                          If I do this

                          [[email protected] ~]$ nano /etc/nginx/conf.d/jaredbusch.com.conf 
                          

                          I get this.
                          0_1528226957838_6b8a689c-9cb0-4c82-8bc8-eb4c0e9e4af3-image.png

                          But

                          [[email protected] ~]$ sudo nano /etc/nginx/conf.d/jaredbusch.com.conf 
                          [sudo] password for jbusch: 
                          

                          I get this. (ie writable)
                          0_1528227025071_045a1b8c-db86-43dd-8cd7-d4a7a0cc327c-image.png

                          This example is on CentOS 7. I do not have handy access to an Ubuntu system. I guess I could check with a Debian system.

                          dbeato 1 Reply Last reply Reply Quote 4
                          • dbeato
                            dbeato @JaredBusch last edited by

                            @jaredbusch said in Why does a command work after sudo su, but not with sudo?:

                            @kelly said in Why does a command work after sudo su, but not with sudo?:

                            @jaredbusch said in Why does a command work after sudo su, but not with sudo?:

                            @kelly said in Why does a command work after sudo su, but not with sudo?:

                            @matteo-nunziati said in Why does a command work after sudo su, but not with sudo?:

                            @kelly sudo su lets you load part of the root env if I remember correctly.
                            Basically sudo lets your user do privileged work.
                            Sudo su lets your user become root. And then ezecute code as root.
                            This not the same as logging as root but some of the env should be loaded.

                            Is the default account that is created when you set up Ubuntu not root?

                            A root account exists by default, but you you don't populate the root password, it makes a user account with sudo privileges.

                            If you give the root account a password during setup, you can create a user account without sudo I do believe.

                            Is that what you are asking?

                            Yes, that answers my question. Just to summarize how I am understanding it from what has been said:

                            • I was logged in with a sudoer, but not root

                            • When I do sudo su I am actually switching to root

                            • Since this is the case the user context was different and my sudoer user account did not have permissions to the file, but in the root user context I would have permissions and thus the command succeeded.

                            Is that all correct?

                            Generally yes. It is unusual not to have access to something with sudo so more very specific things would need determined.

                            Example, this file is owned by root.

                            [[email protected] ~]$ ls -l /etc/nginx/conf.d/jaredbusch.com.conf 
                            -rw-r--r--. 1 root root 1108 Sep  5  2017 /etc/nginx/conf.d/jaredbusch.com.conf
                            

                            If I do this

                            [[email protected] ~]$ nano /etc/nginx/conf.d/jaredbusch.com.conf 
                            

                            I get this.
                            0_1528226957838_6b8a689c-9cb0-4c82-8bc8-eb4c0e9e4af3-image.png

                            But

                            [[email protected] ~]$ sudo nano /etc/nginx/conf.d/jaredbusch.com.conf 
                            [sudo] password for jbusch: 
                            

                            I get this. (ie writable)
                            0_1528227025071_045a1b8c-db86-43dd-8cd7-d4a7a0cc327c-image.png

                            This example is on CentOS 7. I do not have handy access to an Ubuntu system. I guess I could check with a Debian system.

                            Same things happens in Ubuntu/Debian

                            1 Reply Last reply Reply Quote 2
                            • Kelly
                              Kelly last edited by

                              Thanks. I appreciate the schooling.

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post