Score:1

Reload user groups without reboot and without ugly hacks for use in a bash script

it flag

The /etc/sudoers.d/user1 file contains:

%user1  ALL=(user1) NOPASSWD:ALL

Which using the sudo command grants all users of the user1 group (%user1) to login to the user1 user (ALL=(user1)) without the need for a password.

If after adding the user1 group to the current user myuser, a reboot is not performed, then using the sudo command it keeps asking me for a password to login to the user1 user until the next reboot because the user groups are not reloaded.

In fact, if I run the groups myuser command, I get:

myuser : myuser adm cdrom sudo dip plugdev lpadmin lxd sambashare user1

If instead I run the groups command, I get:

myuser adm cdrom sudo dip plugdev lpadmin lxd sambashare

without the group user1.

How do I reload user groups without reboot and without ugly hacks for use in a bash script?

I've already read the solutions proposed by the various StackExchange links ad nauseam, they don't satisfy me, as I want to remain in the same shell session during the reload or temporarily open a new one and close it again at the end of the command useful for reloading user groups, because everything is contained within a giant script.

I use Ubuntu 22.04 LTS Desktop 64-bit.

hr flag
Are you sure the issue here is about "reloading sudoers", and not about updating group memberships? Did the `user1` group exist already or did you just create it? If it was a pre-existing group, did you add the user with which you are testing the sudo command to it in the same session as that in which you updated the sudoers file?
it flag
I will try more combinations of things thanks to your comment, the fact remains that the script creates the user `user1` (therefore also the group of the same name), associates the current user to that group and then creates the file `/etc/sudoers.d/user1` in the same session.
Rishon JR avatar
pl flag
AFAIK The only way to do this is to boot into the recovery kernel (From grub)
it flag
Yes, I confirm, it's a group update problem, in fact I tried to remove myself from the `user1` group, restart the computer and put me back in the `user1` group, then it asked me again for the password to login to the `user1` user. In fact, the specific problem is that the `groups myuser` command returns: `myuser : myuser adm cdrom sudo dip plugdev lpadmin lxd sambashare user1`. With the `groups` command it returns: `myuser adm cdrom sudo dip plugdev lpadmin lxd sambashare` without the group `user1`. How do I update groups?
hr flag
@MarioPalumbo it's anything that starts a new *login session* I think - so for example `su - user1`
it flag
I've already read these solutions ad nauseam, they don't satisfy me, as I want to remain in the same shell session during the reload or temporarily open a new one and close it again at the end of the command useful for reloading user groups, because everything is contained within a giant script.
it flag
I completely twisted the question.
it flag
Is there no solution?
Score:0
io flag

I'm probably going to attract unpleasant comments, but there is a way - after struggling to find a solution the conventional way, I asked ChatGPT. Here's what worked on my ubuntu 20.04 @MarioPalumbo:

  • tried to restart the culprit, sudo.service, but sudo systemctl status sudo.service shows it's masked. file /lib/systemd/system/sudo.service answers /lib/systemd/system/sudo.service: symbolic link to /dev/null
  • I deleted this pseudo-file, sudo rm /lib/systemd/system/sudo.service
  • then created a /lib/systemd/system/sudo.service :
[Unit]
Description=Sudo Service

[Service]
Type=forking
ExecStart=/usr/bin/sudo /usr/bin/sudo -i

[Install]
WantedBy=multi-user.target

then after a final sudo systemctl restart sudo.service I could run a sudo -i from another fresh terminal without being asked for my password.

I ended the a (probably useless) sudo systemctl stop /lib/systemd/system/sudo.service, then a final sudo rm /lib/systemd/system/sudo.service && sudo ln -s /dev/null /lib/systemd/system/sudo.service && sudo systemctl daemon-reload to reset things properly.

I'm afraid this is a ugly hack, though...?

it flag
What does the sudo service have to do with reloading groups? Should restarting sudo.service update newly added groups to a user? Are you sure? If you're sure and have tested this thing, I'll give it a try. Welcome to StackExchange. :-)
fredt34 avatar
io flag
I'm not sure I have a real clue about the link between reloading groups and sudo, @MarioPalumbo. I just know that I finally could sudo passwordless from Session2 after going through this on Session1.
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.