runtime issues

Alek O. Komarnitsky (N-CSC) alek at
Wed Feb 11 14:10:21 EST 2004

> From sudo-users-bounces at Wed Feb 11 12:06 MST 2004
> In message <OFA12BE62F.18E783F7-ON85256E37.006205F5-85256E37.006265E0 at ohiohealt
> 	so spake  (DBSMITH):
> > this is still saying that sudoers should be 0440 as I run sudo reject 
> > prt225 as user x
> > my version is 1.6.7 patch5
> > running on HPUX 11i and 11.0
> Is /usr/local/etc/sudo/sudoers on an NFS-mounted filesystem?  I'm
> guessing that it is.  Because NFS remaps uid to a non-privileged
> uid (often -2), sudo uses group permissions to read the sudoers
> file (that is why sudoers should generally be mode 0440 and not
> mode 0400).  To read the sudoers file, sudo will change its uid to
> be non-zero and its gid to zero before opening the file.
> The owner and group on your sudoers file looks correct so I'm unsure
> just what the problem is.  It is possible that your NFS server is
> remapping gid 0 to a different value which would prevent sudo from
> reading the file.
> I just tested sudo on an HP-UX 11i machine with an NFS-mounted sudoers
> file and it works OK for me.  What were the configure arguments you
> used when configuring sudo?
>  - todd

FYI FWIW: We use NFS (auto) mounted sudoers file on ~thousand UNIX
boxes including several hundred HP-UX 11i machines - works fine if
you have set things up as Todd describes above. I also talk about
this in my sudo presetation available at:


More information about the sudo-users mailing list