# Asking for root password when restarting services

## Belliash

Hello guys,

I have recently migrated from GrSec to SELinux and actually, sometimes when I try to start/stop/restart/reload service it is asking me for root password ...

Of course I have root right already. I have this on 2 machines: This is the output from `id`:

```
uid=0(root) gid=0(root) groups=0(root) context=staff_u:staff_r:staff_t
```

```
uid=0(root) gid=0(root) groups=0(root) context=staff_u:sysadm_r:sysadm_t
```

As you can see context if different but problem exists on both of them.

Sometimes this is working nicely, but sometimes `rc-service [service] restart` or /etc/init.d/[service] lead to the following prompt:

```
# rc-service nginx reload

Authenticating root.

Password: 
```

How can I fix that? It is really annoying that I need to enter root password all the time....

```
# rc-service sshd restart

sshd              | * Stopping sshd ...                                                                                                                                                                                                [ ok ]

sshd              | * Starting sshd ...                                                                                                                                                                                                [ ok ]

# /etc/init.d/cronie restart

Authenticating root.

Password: 

```

[Moderator edit: changed [quote] tags to [code] tags to preserve output layout. -Hu]

----------

## KintaroBC

To fix this behaviour you edit /etc/pam.d/run_init with your favourite editor and remove a comment from a directive near the beginning of the file...

```

# auth       sufficient   pam_rootok.so

```

The whole file should now look something like this...

```

auth       sufficient   pam_rootok.so

auth       include      system-auth

account    include      system-auth

password   include      system-auth

session    include      system-auth

session    optional     pam_xauth.so

```

Now you should be able to restart nginx without trouble...

```

# rc-service nginx restart

Authenticating root.

 * Caching service dependencies ... [ ok ]

 * Checking nginx' configuration ... [ ok ]

 * Stopping nginx ... [ ok ]

 * Starting nginx ... [ ok ]

```

----------

