[sudo-users] CGI not allowing sudo command
David Logan
david at lcscreative.com
Sat Jan 1 06:16:08 EST 2005
Hi Folks,
I have read the faq and searched the archives and can't find a solution
to my problem (well this one anyway) - This is running on Solaris 9 with
Apache 2.0.50 and perl 5.8.0. The script is running via CGI hence the
user nobody. I have displayed the UID from the script and it is
definitely 'nobody'.
I am receiving an error message :
Jan 1 21:10:31 server2 /usr/local/bin/sudo: [ID 702911 auth.alert]
nobody : command not allowed ; TTY=unknown ;
PWD=/usr/dev/lcscreative/cgi ; USER=mailman ;
COMMAND=/usr/local/mailman/bin/add_members -r - -w n testlist
with a configuration of
# Host alias specification
Host_Alias WEB_SERVERS = server1, server2
# Cmnd alias specification
Cmnd_Alias LISTS = /usr/local/mailman/bin/
# Defaults specification
Defaults insults
Defaults syslog=auth
Defaults:nobody runas_default=mailman
Defaults:nobody !authenticate
# Run alias specification
Runas_Alias MAILLIST = %mailman
nobody WEB_SERVERS=(MAILLIST) LISTS
I am trying to add a user to a mailman list, via a perl cgi script, and
thought I had the format right (after having scoured the Sudoers manual)
and am at a bit of a loss to explain why this won't work. I can run the
command from the command line if I su nobody and then
server2 $ echo 'davidl at server2.lcs | /usr/local/bin/sudo -u mailman
/usr/local/mailman/bin/add_members -r - -w n testlist
I end up with the above mentioned error message in the auth log with no
real explanation.
I would appreciate any assistance given.
Many thanks
David
when in trouble, or in doubt
run in circles, scream and shout
More information about the sudo-users
mailing list