[sudo-users] sudo and variable expantion: HowTo?
Galen Johnson
Galen.Johnson at sas.com
Thu Jun 8 10:05:18 EDT 2006
Just to expand a bit upon what Matt said:
Sudo is looking for the exact match of /bin/kill -HUP `cat /var/run/ntpd.pid`...however what it is actually getting is /bin/kill -HUP 12345...this is because the shell has to expand the `` prior to executing the kill command, hence Matt's solution is, IMO, your only option.
=G=
-----Original Message-----
From: sudo-users-bounces at courtesan.com [mailto:sudo-users-bounces at courtesan.com] On Behalf Of Matthew Hannigan
Sent: Thursday, June 08, 2006 9:57 AM
To: генерал Пурпоз
Cc: sudo-users at sudo.ws
Subject: Re: [sudo-users] sudo and variable expantion: HowTo?
On Thu, Jun 08, 2006 at 11:30:45AM +0400, генерал Пурпоз wrote:
> Hello Matthew,
>
> >> mortal ALL = /bin/kill -HUP $(cat /var/run/ntpd.pid)
> > At a guess the invoked shell does not like the $( .. )
> > Try
> > mortal ALL = /bin/kill -HUP `cat /var/run/ntpd.pid`
> No, this way it does not work either.
> Both ways I see the correct PID shown in the refusal sudo message
> stating that "mortal is not allowed to ... as root on this host".
Hrm; how do you invoke it?
Sudo does a textual match; it's pretty hard to get something
to match backquotes without it actually being eval'd
prematurely.
Best off writing a wrapper script, say, hupntp, with
contents
#!/bin/sh
/bin/kill -HUP `cat /var/run/ntpd.pid`
then in sudoers:
mortal ALL = /usr/local/bin/hupntp
Matt
____________________________________________________________
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
http://www.sudo.ws/mailman/listinfo/sudo-users
More information about the sudo-users
mailing list