sudo config

Ladner, Eric (Eric.Ladner) Eric.Ladner at
Mon Nov 3 11:21:00 EST 2003

It could be that amanda is tring to 'su - somebody' and sudo is only allowing her to execute '/usr/bin/su' with no arguments.  Try changing this:

Cmnd_Alias     SU = /usr/bin/su

To this:

Cmnd_Alias     SU = /usr/bin/su *[-]* *[a-zA-Z0-9]*

That will allow her to execute

'/usr/bin/su' by itself or '/usr/bin/su - root' or '/usr/bin/su someuser'

FYI.. Allowing somebody to sudo to root or execute a shell as root, you might as well give them the root password for as much protection and tracking that sudo will give you.  From the sudoers file below, she can 'sudo /bin/bash' and do whatever she wants with no logging at all.


-----Original Message-----
From: sudo-users-bounces at [mailto:sudo-users-bounces at] On Behalf Of Benjamin Stössel
Sent: Friday, October 31, 2003 2:13 AM
To: sudo-users at
Subject: sudo config

Hi there

i am trying to get a su command working without a password with sudo but it won't work! tried quite everything. looked at the example sudoers file on the page but it doesn't work!

here some cuts out of my sudoers file:

# Host alias specification
Host_Alias      HERE =

# User alias specification
User_Alias      STATISTICS = amanda

# Cmnd alias specification
Cmnd_Alias      SU = /usr/bin/su
Cmnd_Alias      SHELL = /bin/sh, /bin/bash

# Defaults specification

# User privilege specification
root    ALL=(ALL) ALL
STATISTICS      ALL = NOPASSWD: /http/toyo/statistics/, SU, SHELL

why does this not work?

with kind regards


NEU FÜR ALLE - GMX MediaCenter - für Fotos, Musik, Dateien... Fotoalbum, File Sharing, MMS, Multimedia-Gruß, GMX FotoService

Jetzt kostenlos anmelden unter

+++ GMX - die erste Adresse für Mail, Message, More! +++

sudo-users mailing list <sudo-users at>
For list information, options, or to unsubscribe, visit:

More information about the sudo-users mailing list