[sudo-users] dynamic defaults
Andrew Kay
akay at sharp.co.uk
Thu Mar 23 06:35:57 EST 2006
I'm sorry if this is a basic question, but having read the man page
and examples several times I can't figure it out.
I want different defaults to operate by executable, for example
to do something like:
Defaults:%user stay_setuid
%user localhost = (root) NOPASSWD: /opt/admin/changepasswd ""
Defaults:%user !stay_setuid
%user localhost = (root) NOPASSWD: /opt/admin/fixpermissions ""
But I think this doesn't work because Defaults are acted on globally,
not lexically?
Does it work to create different aliases, as in
User_Alias STAY_SETUID_USERS = %user
User_Alias NOT_STAY_SETUID_USERS = %user
Defaults:STAY_SETUID_USERS stay_setuid
Defaults:NOT_STAY_SETUID_USERS !stay_setuid
STAY_SETUID_USERS localhost = (root) NOPASSWD: /opt/admin/changepasswd ""
NOT_STAY_SETUID_USERS localhost = (root) NOPASSWD: /opt/admin/fixpermissions ""
or is the aliasing expansion done too early to help me?
Any help would be welcome.
thanks
Andrew
More information about the sudo-users
mailing list