[sudo-users] CGI not allowing sudo command

David Logan david at lcscreative.com
Sat Jan 1 06:16:08 EST 2005

Hi Folks,

I have read the faq and searched the archives and can't find a solution
to my problem (well this one anyway) - This is running on Solaris 9 with
Apache 2.0.50 and perl 5.8.0. The script is running via CGI hence the
user nobody. I have displayed the UID from the script and it is
definitely 'nobody'.

I am receiving an error message :
Jan  1 21:10:31 server2 /usr/local/bin/sudo: [ID 702911 auth.alert]
nobody : command not allowed ; TTY=unknown ;
PWD=/usr/dev/lcscreative/cgi ; USER=mailman ;
COMMAND=/usr/local/mailman/bin/add_members -r - -w n testlist

with a configuration of

# Host alias specification
Host_Alias WEB_SERVERS = server1, server2

# Cmnd alias specification
Cmnd_Alias LISTS = /usr/local/mailman/bin/

# Defaults specification
Defaults        insults
Defaults        syslog=auth
Defaults:nobody runas_default=mailman
Defaults:nobody !authenticate

# Run alias specification
Runas_Alias MAILLIST = %mailman


I am trying to add a user to a mailman list, via a perl cgi script,  and
thought I had the format right (after having scoured the Sudoers manual)
and am at a bit of a loss to explain why this won't work. I can run the
command from the command line if I su nobody and then

server2 $ echo 'davidl at server2.lcs | /usr/local/bin/sudo -u mailman
/usr/local/mailman/bin/add_members -r - -w n testlist

I end up with the above mentioned error message in the auth log with no
real explanation.

I would appreciate any assistance given.

Many thanks


when in trouble, or in doubt
run in circles, scream and shout

More information about the sudo-users mailing list