User has full root right to all file not some
jamie.nudds at antlimited.com
Thu Jun 5 09:48:51 EDT 2003
I have just installed sudo-1.6.7p5 on one my servers with the
following config. The problems is that the user in question also
has full root access and can sudo vi (any file) they wish..
I only wanted the user to be able to edit httpd.conf + restart
apache on one server
Host_Alias TRENCH = trench
User_Alias APACHEUSER = jamie
Cmnd_Alias APACHE = /etc/rc.d/init.d/httpd
Cmnd_Alias VI = /bin/vi
Cmnd_Alias EDITAPACHE = /usr/local/apache/conf/httpd.conf
APACHEUSER TRENCH = APACHE, VI, EDITAPACHE
This all looks fine but as I said the user can also for example
do; sudo vi /etc/fstab and be able to edit the file...
Any help would be great.
More information about the sudo-users