[sudo-users] sudo and variable expantion: HowTo?

Galen Johnson Galen.Johnson at sas.com
Thu Jun 8 10:05:18 EDT 2006


 Just to expand a bit upon what Matt said:

Sudo is looking for the exact match of /bin/kill -HUP `cat /var/run/ntpd.pid`...however what it is actually getting is /bin/kill -HUP 12345...this is because the shell has to expand the `` prior to executing the kill command, hence Matt's solution is, IMO, your only option.

=G=

-----Original Message-----
From: sudo-users-bounces at courtesan.com [mailto:sudo-users-bounces at courtesan.com] On Behalf Of Matthew Hannigan
Sent: Thursday, June 08, 2006 9:57 AM
To: генерал Пурпоз
Cc: sudo-users at sudo.ws
Subject: Re: [sudo-users] sudo and variable expantion: HowTo?

On Thu, Jun 08, 2006 at 11:30:45AM +0400, генерал Пурпоз wrote:
> Hello Matthew,
> 
> >>   mortal     ALL = /bin/kill -HUP $(cat /var/run/ntpd.pid)
> > At a guess the invoked shell  does not like the $( .. )
> > Try
> >         mortal     ALL = /bin/kill -HUP `cat /var/run/ntpd.pid`
> No, this way it does not work either.
> Both ways I see the correct PID shown in the refusal sudo message
> stating that "mortal is not allowed to ... as root on this host".

Hrm; how do you invoke it?

Sudo does a textual match; it's pretty hard to get something
to match backquotes without it actually being eval'd
prematurely.

Best off writing a wrapper script, say, hupntp, with
contents
	#!/bin/sh
	/bin/kill -HUP `cat /var/run/ntpd.pid`

then in sudoers:

	mortal     ALL = /usr/local/bin/hupntp

Matt
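
A hardened form of the wrapper approach suggested above, as an added example that is not part of the original thread: because the wrapper runs as root, it validates what the pidfile contains before handing it to kill and takes nothing from the caller. The function names read_pid and hup_from_pidfile and the optional KILLCMD argument are hypothetical; the pidfile and install paths are the ones from the thread.

```shell
#!/bin/sh
# hupntp (added example): hardened form of the wrapper in the thread.
# Install root-owned, mode 0755, in a directory only root can write;
# the sudoers rule stays:  mortal ALL = /usr/local/bin/hupntp

# read_pid FILE: print the PID only if FILE is a regular file whose
# first line is a single integer greater than 1. "0", "-1" or "1 2"
# would make kill signal a process group, every process, or extra targets.
read_pid() {
    rp_file=$1 rp_pid='' rp_rest=''
    [ -f "$rp_file" ] && [ ! -L "$rp_file" ] || return 1
    read -r rp_pid rp_rest < "$rp_file" || [ -n "$rp_pid" ] || return 1
    [ -z "$rp_rest" ] || return 1
    case $rp_pid in
        ''|*[!0-9]*) return 1 ;;   # digits only: no sign, no options
    esac
    [ "${#rp_pid}" -le 10 ] && [ "$rp_pid" -gt 1 ] || return 1
    printf '%s\n' "$rp_pid"
}

# hup_from_pidfile FILE [KILLCMD]: KILLCMD exists so the logic can be
# exercised without signalling anything; the wrapper never sets it
# from the caller's arguments or environment.
hup_from_pidfile() {
    hp_pid=$(read_pid "$1") || {
        echo "hupntp: refusing to use pidfile $1" >&2
        return 1
    }
    "${2:-/bin/kill}" -HUP "$hp_pid"
}

# Run only when installed under the name hupntp; arguments are ignored,
# so sudo has a fixed command line to match.
case ${0##*/} in
    hupntp) PATH=/usr/bin:/bin; export PATH
            hup_from_pidfile /var/run/ntpd.pid ;;
esac
```

The sudoers entry names only the script path, so the backquote expansion happens inside the script after sudo has already matched the command.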
