escaping * in sudoers

Todd C. Miller Todd.Miller at
Mon Mar 8 21:40:03 EST 2004

In message <OF2E8B3F08.EC3010FA-ONC1256E51.0049EBA9 at muc.allianz>
	so spake  (barbara.ruess):

> According to sudo documentation you can escape a special character in the
> sudoers file by \.
> I am trying to give a user permission for a command that contains an
> astrisk, le's say   ls *.

That's not going to work.  The shell expands globbing characters
like '*' before sudo even gets run.  If all you want is to
allow a user to run ls with any arguments, you just need:

    testuser testhost=(ROOT) NOPASSWD:/usr/bin/ls

Since commands in sudoers can run with any arguments by default.
Sudo can also interpret things like '*' itself but unless you
want to accept a literal '*' there's no reason to try to escape it.

 - todd

More information about the sudo-users mailing list