Basic Sudo Issue!!
Alan Sparks
asparks at quris.com
Thu Jul 24 10:17:25 EDT 2003
On Thu, 2003-07-24 at 07:57, Lucas Clark wrote:
>
> # Host alias specification
> Host_Alias FW_SERVER=xxx.xxx.xxx.xxx
> # User alias specification
> User_Alias IPCHAIN_ADMIN=dummy1,dummy2
> # Cmnd alias specification
> Cmnd_Alias FW_SCRIPT=/sbin/ipchains
>
> # Defaults specification
> # User privilege specification
> root ALL=(ALL) ALL
>
> We are not sure if we should specify =(root), because IPchains can be run by
> the root only.
Since root can already run anything it wants to, there's not need to do
this, unless you really want root to use sudo. But root can bypass sudo
entirely.
>
> ?? IPCHAIN_ADMIN ALL = NOPASSWD: FW_SCRIPT
> or
> ?? IPCHAIN_ADMIN ALL=(root) FW_SCRIPT
>
I personally don't use the NOPASSWD option, but the first option looks
better to me.
> Can anyone tell us if this is correct. Also, how do we actually use sudo
> from the command prompt? We've tried typing "sudo ipchains - L" when logged
> in as the user "dummy1", but we get a "command not found" error?
To me, it sounds like /sbin (or whatever is the location of the
'ipchains' executable) is not in the user's PATH.
>
> Any help would be greatly appreciated.
> Thanks
>
>
> Lucas Clark
> Rogers AT&T Wireless
> Engineering
> Network Strategy
> Email: lclark11 at rci.rogers.com
>
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users
--
Alan Sparks, Sr. UNIX Administrator asparks at quris.com
Quris, Inc. (720) 836-2058
More information about the sudo-users
mailing list