[sudo-users] sudo -h, -U, and []
Michael W. Lucas
mwlucas at michaelwlucas.com
Wed May 29 14:09:01 MDT 2019
Hi,
Under certain conditions, I can get sudo -h to return the wrong
hostname. Not sure if this is a bug or a weird "working as designed,"
so I'm reporting it.
Testing a user's access on a new policy. Running as root.
User pete has this policy in sudoers, installed on a machine called
"freebsd."
pete dns[0-9]=ALL
# sudo -l -U pete -h dns1
User pete may run the following commands on dns1:
(root) ALL
All good. If I get fancy with the brackets, though:
pete dns[1,3,5,7,9]=ALL
# sudo -l -U pete -h dns1
User pete is not allowed to run sudo on freebsd.
I get the result for the local machine, "freebsd," and not "dns1."
I'm guessing that this is because fnmatch and glob choke on the
commas. Fine, I can't use them.
The odd bit is that sudo returns the wrong hostname. I would expect it
to return the same hostname I give in the command line?
Thanks,
==ml
--
Michael W. Lucas https://mwl.io/
author of: Absolute OpenBSD, SSH Mastery, git commit murder,
Immortal Clay, PGP & GPG, Absolute FreeBSD, etc, etc, etc...
More information about the sudo-users
mailing list