nerdexam
CompTIA

XK0-004 · Question #489

A Linux administrator's account has the following privileges: The administrator tried to install the vim package and received the following output: Which of the following is the BEST solution to resol

The correct answer is B. Execute sed -i 's/NOEXEC/EXEC/g' /etc/sudoers.d/admin as root. The sudoers entry for the admin account contains NOEXEC, which prevents the user from running executables via sudo. Replacing NOEXEC with EXEC in the sudoers drop-in file restores execution permission.

Security

Question

A Linux administrator's account has the following privileges:

The administrator tried to install the vim package and received the following output:

Which of the following is the BEST solution to resolve this issue?

Exhibit

XK0-004 question #489 exhibit

Options

  • AInstall the python2 package as root on the operating system
  • BExecute sed -i 's/NOEXEC/EXEC/g' /etc/sudoers.d/admin as root
  • CExecute groupmod -a -G wheel admin as root
  • DExecute sudo chmod 755 /usr/bin/yum

How the community answered

(50 responses)
  • A
    6% (3)
  • B
    62% (31)
  • C
    22% (11)
  • D
    10% (5)

Why each option

The sudoers entry for the admin account contains NOEXEC, which prevents the user from running executables via sudo. Replacing NOEXEC with EXEC in the sudoers drop-in file restores execution permission.

AInstall the python2 package as root on the operating system

Installing python2 as root does not resolve a sudoers NOEXEC restriction and is unrelated to the vim package installation failure.

BExecute sed -i 's/NOEXEC/EXEC/g' /etc/sudoers.d/admin as rootCorrect

The NOEXEC tag in /etc/sudoers.d/admin prevents the admin from executing binaries through sudo, which is why the yum/dnf install command fails. Running sed -i 's/NOEXEC/EXEC/g' /etc/sudoers.d/admin as root replaces the NOEXEC tag with EXEC, granting the admin the ability to run allowed commands that spawn child processes. This directly addresses the privilege restriction causing the installation failure.

CExecute groupmod -a -G wheel admin as root

Adding admin to the wheel group grants broader sudo access but does not specifically fix the NOEXEC restriction already present in the admin-specific sudoers drop-in file.

DExecute sudo chmod 755 /usr/bin/yum

Changing permissions on /usr/bin/yum with chmod does not address the sudoers NOEXEC policy preventing execution through sudo.

Concept tested: sudoers NOEXEC tag and privilege configuration

Source: https://www.sudo.ws/docs/man/sudoers.man/

Topics

#sudoers#NOEXEC#privilege escalation#sudo configuration

Community Discussion

No community discussion yet for this question.

Full XK0-004 Practice