edit 2011/04/16 1009 EST:
spoke too soon. they compiled a newer version of sudo (1.8.1) because a way old (1.7.2) is the only version in yum. you guys!
context: i’m using a mediatemple vps. they provide centos 5.3 with a custom kernel. this would be great, if it worked:
andrew >> sudo -u apache ls
[sudo] password for andrew:
sudo: Error dropping capabilities, aborting
: Operation not permitted
bug described here.
i’m not 100% sure that upgrading the kernel (2.6.9 –> 2.6.18) would fix it, but it’s worth a shot. since (mt) uses a custom kernel for their vps, you can’t upgrade it yourself. fine, i guess, so let’s contact support to see what they can do.
me:
when trying to use sudo to run a command as a particular user, it fails:
andrew@indigodigital >> sudo -u apache ls
[sudo] password for andrew:
sudo: Error dropping capabilities, aborting
: Operation not permitteddescribed here:
http://bugs.centos.org/view.php?id=3512
it’s crucial that users be able to use sudo to run commands as other users.
using sudo 1.7.2p1-10.el5.
them:
Thank you for your inquiry.
For information about how to create a sudo user on the (dv) Dedicated-Virtual, you can refer to this article:
http://wiki.mediatemple.net/w/(dv):Create_sudo_user_and_disable_SSH_for_root
Please keep in mind that the (dv) Dedicated-Virtual Server is a self-managed server, and assistance with its configuration and maintenance is outside of the (mt) Media Temple scope of support.
All suggestions in this message are provided entirely as a courtesy.
If you have any further questions regarding your (mt) Media Temple services, please feel free to contact us at any time.
Best regards,
Phil D.
Customer Support
(mt) Media Temple
877-578-4000
310-564-2007 http://kb.mediatemple.net/questions/824/
thanks guys, really. i’ll look past your completely irrelevant response. so it’s self-managed, right? then how do i upgrade the kernel or use a different os? you’ve constructed a nice loophole for yourselves here.
yeah, so don’t use a mediatemple vps.
Hear, hear
EVERYTHING falls outside of their support service. Install php-soap? Your problem. Their kb articles suggest upgrading to CentOS 5.6 if you are on a DV 3.5. How? Your problem again. Seriously, I am considering dropping the extra 100 bucks on managed hosting at rackspace, because a client I work with uses them and they are all that. MT just downright sucks
yeah, i guess “managed” means something different for me than it does for them, being that they lock you in to an OS of their choice without providing concrete support. and i mean, i’d put sudo in the “core application” category.
this kind of thing has happened before. you just have to call them out and they’ll help you out by doing something like compiling a new version of sudo (and isn’t centos’ package list hilariously out of date?).