[sudo-users] Setting flags on a per command basis?
pottmi at gmail.com
Thu Sep 7 11:31:23 EDT 2006
Here is a question that i asked with the same goal in mind, I have also
included Todd Miller's response:
> Mike Potter Wrote:
> The specification for Defaults is like this:
> Default_Type ::= 'Defaults' |
> 'Defaults' '@' Host |
> 'Defaults' ':' User |
> 'Defaults' '>' RunasUser
> Cmnd is absent.
> The reason I am asking is that I would like to turn off logging for
> This seems like I should be able to do something like this:
> Defaults&Cmnd !syslog
I would be interested in trying to change sudo to support my proposed
syntax, but I would first like to hear from from someone with more
experience with the sudo source code as to why this feature is
It seems like an obvious feature so I suspect that there is some
non-trival problem with implementing it.
One solution would be for you to run that command as a different user
so you could use some thing like this:
I would appreciate hearing your solution if you come up with one.
>Here is Todd's response:
> It is not possible with the parser in sudo 1.6.x. This feature is
> present already in the sudo cvs sources and will be part of sudo
> 1.7 once the code base is cleaned up a bit.
On 9/7/06, Piete Brooks <piete.brooks--sudo-users at cl.cam.ac.uk> wrote:
> So far I have only been able to set flags such as:
> Defaults preserve_groups
> Defaults targetpw
> Defaults env_keep += "XAUTHORITY"
> globally. I would expect to be able to set these on a per command basis,
> I've not discovered the correct syntax. Can it be done, and if so
> how? Thanks.
More information about the sudo-users