[sudo-users] How to preserve functions in scripts for calling by sudo?
L A Walsh
sudo at tlinx.org
Sat Jun 3 11:39:00 MDT 2017
Todd C. Miller wrote:
>> Defaults env_keep += "*"
>> Defaults env_keep += "*=()*"
>>
> Sorry, I spoke too soon. Patterns with more than one "*" will not
> be supported until sudo 1.8.21. I just pushed a commit to convert
> the bash function check when env_reset is disabled into a pattern
> so it can be removed via:
> Defaults env_delete -= "*=()*"
>
Nice.
> But this won't be available until sudo 1.8.21 unless you compile
> your own sudo from the sudo repo.
>
---
I just re-hacked my distro's updated version as it was mostly a
known quantity, to remove the function check in env.c then added 3
lines to the sudoers files.
## env_reset must be on for env_keep to fully work (allow functions)
Defaults env_reset
Defaults env_keep = "*"
Thanks again for addressing some of these issues so I won't
have to keep patching my own versions... ;-) Have way too
many self-compiled/remade binary & source rpms to effectively
maintain... ug...
-l
More information about the sudo-users
mailing list