[sudo-users] sudoers exception failure with root
Mike
iminneed at gmail.com
Wed Aug 31 14:53:23 EDT 2005
I need some help understanding why sudo isn't allowing me to prevent
users from logging on as root. I looked in the posts archives and
didn't see anything so I'm sorry if this is a recursive post. I followed
the example in the sudoers manual and yet I'm still allowed to login as
root. Here is a few lines of the sudoers file that should have the
proper syntax, any help would be appreciated:
ADMIN ALL=(ALL) /usr/local/bin/, /usr/local/sbin/, \
/usr/bin/, /usr/sbin/, \
/bin/, /sbin/, \
/etc/, \
/bin/su [-]?*, !/bin/su [-]*root*, \
/usr/sbin/su [-]?*, !/usr/sbin/su
[-]*root*, \
/usr/local/scripts/, \
/usr/local/scripts/backup/, \
!/usr/sbin/visudo, !/usr/local/bin/visudo, \
!/sbin/visudo, \
!/usr/bin/passwd root, \
!/etc/passwd root
There are no further instances of /bin, /sbin any where else in the file.
In reading through other posts, I understand that the processing of
request is the last item seen is the item that wins. I am at a loss as
to how to deny user to logon as root.
Thank you for your time.
Mike
More information about the sudo-users
mailing list