[sudo-users] possible? nopasswd and not allowed to run <cmd> on <host>

Shane squindler at gmail.com
Wed Dec 19 01:28:15 EST 2007

Hey All,

I've got what may seem a bit of an odd request, but, is it possible to
make sudo behave in a way that will not ever prompt for a password for
commands a user cannot run?

eg simple case
sudo ls
Sorry, user user is not allowed to execute '/bin/ls' as root on host.

I want this to happen for any command not in the sudoers file for that user.

My current workaround for this is simply to only prompt for password
once and have 1 minute timeout, but that isn't ideal for our

If its not possible thats cool and I can then stick to my workaround -
but if it is possible and I've missed something in the man pages etc
I'd love to find out how.


More information about the sudo-users mailing list