sudo-users digest, Vol 1 #302 - 2 msgs

wade.a.harding at accenture.com wade.a.harding at accenture.com
Mon Mar 11 16:50:36 EST 2002 

It looks as though it's finding the chown in /usr/bin, first... Either
update the user's path to hit their allowable sudo first, or update sudo...

-Wade


                                                                                                    
            sudo-users-request at sudo.                                                                
            ws                              To:     sudo-users at sudo.ws                              
            Sent by:                        cc:                                                     
            sudo-users-admin at sudo.ws        Subject:     sudo-users digest, Vol 1 #302 - 2 msgs     
                                                                                                    
                                                                                                    
            03/11/2002 01:01 PM                                                                     
            Please respond to                                                                       
            sudo-users                                                                              
                                                                                                    
                                                                                                    




Send sudo-users mailing list submissions to
     sudo-users at sudo.ws

To subscribe or unsubscribe via the World Wide Web, visit
     http://www.sudo.ws/mailman/listinfo/sudo-users
or, via email, send a message with subject or body 'help' to
     sudo-users-request at sudo.ws

You can reach the person managing the list at
     sudo-users-admin at sudo.ws

When replying, please edit your Subject line so it is more specific
than "Re: Contents of sudo-users digest..."


Today's Topics:

   1. Help With Path Not Working. (Michael Whittaker (QAC))
   2. RE: Help With Path Not Working. (Brent Fortman)

--__--__--

Message: 1
From: "Michael Whittaker (QAC)" <Michael.Whittaker at pac.ericsson.se>
To: "'sudo-users at sudo.ws'" <sudo-users at sudo.ws>
Subject: Help With Path Not Working.
Date: Mon, 11 Mar 2002 11:57:42 +0100

Hi

I have a requirement from my users so that they do not have to type in the
absolute path for every command when running sudo. The problem occurs when
some commands exist in 2 directories and both directories are in the path.

Example

PATH=/usr/bin:/sbin:/usr/local/bin

/etc/sudoers
Cmnd_Alias      ARP_COMMANDS = /sbin/arp
Cmnd_Alias      CHOWN_COMMANDS = /sbin/chown
fred           ALL = ARP_COMMANDS, CHOWN_COMMANDS

Results:
sudo arp -a
works correctly. arp command is picked up from /sbin

sudo chown root /tmp/m1
Sorry, user fred is not allowed to execute '/usr/bin/chown root /tmp/m1' as
root on disney

This occurs when chown is in /sbin and /usr/bin

The problem is that I need /sbin in the path in order to execute the arp -a
without specifying the full path of command.

Can anyone tell me what I'm doing wrong ?

Regards - Mike

--__--__--

Message: 2
From: Brent Fortman <Brent.Fortman at radioshack.com>
To: "'Michael Whittaker (QAC)'" <Michael.Whittaker at pac.ericsson.se>,
   "'sudo-users at sudo.ws'" <sudo-users at sudo.ws>
Subject: RE: Help With Path Not Working.
Date: Mon, 11 Mar 2002 08:02:07 -0600

Why not simply change the path of "chown" in your sudoers definition to be:

CHOWN_COMMANDS = /usr/bin/chown

Brent


-----Original Message-----
From: Michael Whittaker (QAC) [mailto:Michael.Whittaker at pac.ericsson.se]
Sent: Monday, March 11, 2002 4:58 AM
To: 'sudo-users at sudo.ws'
Subject: Help With Path Not Working.


Hi

I have a requirement from my users so that they do not have to type in the
absolute path for every command when running sudo. The problem occurs when
some commands exist in 2 directories and both directories are in the path.

Example

PATH=/usr/bin:/sbin:/usr/local/bin

/etc/sudoers
Cmnd_Alias      ARP_COMMANDS = /sbin/arp
Cmnd_Alias      CHOWN_COMMANDS = /sbin/chown
fred           ALL = ARP_COMMANDS, CHOWN_COMMANDS

Results:
sudo arp -a
works correctly. arp command is picked up from /sbin

sudo chown root /tmp/m1
Sorry, user fred is not allowed to execute '/usr/bin/chown root /tmp/m1' as
root on disney

This occurs when chown is in /sbin and /usr/bin

The problem is that I need /sbin in the path in order to execute the arp -a
without specifying the full path of command.

Can anyone tell me what I'm doing wrong ?

Regards - Mike
____________________________________________________________
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
http://www.sudo.ws/mailman/listinfo/sudo-users


--__--__--

____________________________________________________________
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
http://www.sudo.ws/mailman/listinfo/sudo-users

End of sudo-users Digest




This message is for the designated recipient only and may contain
privileged, proprietary, or otherwise private information.  If you have
received it in error, please notify the sender immediately and delete the
original.  Any other use of the email by you is prohibited.

More information about the sudo-users mailing list