[sudo-users] Shortening the Command Alias list

[Skrobacz, John]

I've inherited some servers running sudo.  On one server a user account
has been given rights to chmod and/or mv files using sudo.  The sudoers
file is set up to list each file name that can be changed.  I would like
to use wildcards if I can.  I tried using the full path to the files
with an asterisk but this did not work.  Here is an example.


Cmnd_Alias      CHMOD = /usr/bin/chmod 666 /usr3/chartmax/ibmmh, \
                        /usr/bin/chmod 666 /usr3/chartmax/ibovh, \
                        /usr/bin/chmod 666 /usr3/chartmax/ibmsh, \
                        /usr/bin/chmod 666 /usr3/chartmax/FBR901*, \
                        /usr/bin/chmod 666 /usr3/omega/omegammh, \
                        /usr/bin/chmod 666 /usr3/omega/omegaovh, \
                        /usr/bin/chmod 666 /usr3/apharmrpt/pharmds, \
                        /usr/bin/chmod 666 /usr3/bpharmrpt/pharmds, \
                        /usr/bin/chmod 666 /usr3/cpharmrpt/pharmds, \
                        /usr/bin/chmod 666 /usr2/ftpsrvr/vista/FSR121*,
\
                        /usr/bin/chmod 666 /usr2/ftpsrvr/vista/FAR150*,
\
                        /usr/bin/chmod 666 /usr2/ftpsrvr/vista/FXPCAT5*,
\
                        /usr/bin/chmod 666
/usr2/ftpsrvr/vista/FXPCATA4*, \


Cmnd_Alias      MV = /usr/bin/mv /usr3/omega/omegammh
/usr3/omega/mmh/*.TXT, \
                     /usr/bin/mv /usr3/omega/omegaovh
/usr3/omega/ovh/*.TXT, \
                     /usr/bin/mv /hbo/rxdown/*pmm.dat
/hbo/rxdown/*pmm.dat.rcp,
\
                     /usr/bin/mv /usr3/chartmax/FBR901*
/usr3/chartmax/FBR901*,
\
                     /usr/bin/mv /usr2/ftpsrvr/CAPS/*
/usr2/ftpsrvr/CAPS/*, \
                     /usr/bin/mv /usr2/ftpsrvr/vista/FSR121*, \
                     /usr/bin/mv /usr2/ftpsrvr/vista/FAR150*, \
                     /usr/bin/mv /usr2/ftpsrvr/vista/FXPCAT5*, \
                     /usr/bin/mv /usr2/ftpsrvr/vista/FXPCATA4*, \
                     /usr/bin/mv /usr2/ftpsrvr/vista/FFR300*, \
                     /usr/bin/mv /usr2/ftpsrvr/vista/FFR210*, \


The information contained in this email is intended only for the use of the person(s) identified above. This communication may contain work product which is privileged and confidential, and may contain content which is regulated by Federal law. If you are not an intended recipient or the employee or agent responsible to deliver this to the intended recipient, you have received this message in error and any review, distribution or copying of it by you is prohibited. If you have received this message in error, please notify the sender immediately, and delete the message. E-mail and communication system messages generated by members of the Atlantic Health workforce may not necessarily reflect the views of Atlantic Health, its officers, directors or management.