escaping * in sudoers
Todd C. Miller
Todd.Miller at courtesan.com
Mon Mar 8 21:40:03 EST 2004
In message <OF2E8B3F08.EC3010FA-ONC1256E51.0049EBA9 at muc.allianz>
so spake (barbara.ruess):
> According to sudo documentation you can escape a special character in the
> sudoers file by \.
> I am trying to give a user permission for a command that contains an
> astrisk, le's say ls *.
That's not going to work. The shell expands globbing characters
like '*' before sudo even gets run. If all you want is to
allow a user to run ls with any arguments, you just need:
testuser testhost=(ROOT) NOPASSWD:/usr/bin/ls
Since commands in sudoers can run with any arguments by default.
Sudo can also interpret things like '*' itself but unless you
want to accept a literal '*' there's no reason to try to escape it.
More information about the sudo-users