[sudo-users] Giving access to one app for all users
Bob Proulx
bob at proulx.com
Wed May 17 21:34:05 EDT 2006
Paul Thompson wrote:
> Pirates-Cove:~ paul$ sudo -l
> User paul may run the following commands on this host:
> (ALL) ALL
> (root) NOPASSWD: ALL
> Pirates-Cove:~ paul$
>
> If I understand this correctly, it seems to be saying that the
> user paul can run all commands, and root may run all commands without
> a password.
As I read it the first line says that paul can run all commands as all
users. It will ask for a password for this. The second line says
that user paul can run all commands as root and will not ask for a
password. It is root because the sudoers file did not specify (ALL)
in the users field and so defaults to (root).
> The only thing I don't see is a reference to the print
> command.
Agreed. This is so different from the file you showed that I have to
wonder if the sudo you are using is actually referencing a completely
different sudoers file than the one you think it is using. The file
you showed did not have any reference to "(root) NOPASSWD: ALL" for
any user. Are you sure you were using the right file?
On my machine I can run strings on the binary and find the file path
to the sudoers file.
strings /usr/bin/sudo | grep sudoers
...
/etc/sudoers
...
Bob
More information about the sudo-users
mailing list