[sudo-users] How to test sudoers before deployment?

Bob Proulx bob at proulx.com
Thu Jan 6 13:28:44 EST 2005


Is there way to easily check what permissions are given to a
particular user on a particular machine?  Some functionally similar to
using sudo -l but specifically for that user and host?  I am hoping
someone will tell me I am missing something obvious.  :-)

Of course I can do something similar to this:

  ssh $HOST sudo su -- $USER sudo -l

You get the idea.  But for that you need root just to test the file
and other unpleasantries.  I would rather be able to do something like
the following.  Just as an example of what I am looking for.

  sudo -l -c ./sudoers.new -u $USER@$HOST

I am making some large scale reorganization to our sudoers file and
would like some way to test the result before actually deploying it.
If others have best practices for doing this that they would be
willing to share I would appreciate it.

Thanks
Bob



More information about the sudo-users mailing list