[sudo-users] Giving access to one app for all users

Bob Proulx bob at proulx.com
Wed May 17 21:34:05 EDT 2006

Paul Thompson wrote:
> Pirates-Cove:~ paul$ sudo -l
> User paul may run the following commands on this host:
>     (ALL) ALL
>     (root) NOPASSWD: ALL
> Pirates-Cove:~ paul$
>   If I understand this correctly, it seems to be saying that the  
> user paul can run all commands, and root may run all commands without  
> a password.

As I read it the first line says that paul can run all commands as all
users.  It will ask for a password for this.  The second line says
that user paul can run all commands as root and will not ask for a
password.  It is root because the sudoers file did not specify (ALL)
in the users field and so defaults to (root).

> The only thing I don't see is a reference to the print  
> command.

Agreed.  This is so different from the file you showed that I have to
wonder if the sudo you are using is actually referencing a completely
different sudoers file than the one you think it is using.  The file
you showed did not have any reference to "(root) NOPASSWD: ALL" for
any user.  Are you sure you were using the right file?

On my machine I can run strings on the binary and find the file path
to the sudoers file.

  strings /usr/bin/sudo | grep sudoers


More information about the sudo-users mailing list