[sudo-users] FW: sudoers anomaly
Carville, Stephen
scarville at LANDAM.com
Wed Jul 16 16:14:00 EDT 2008
Todd C. Miller [Todd.Miller at courtesan.com] opines:
> In message
> <B2E59DACDD5BAE4E9610EA5C7BF48716024523D6 at txsan01exc02.kci.com>
> so spake "Wood, Mike" (Mike.Wood):
>
> > I have a similar problem (Sudo version 1.6.9p13).
> > -
> > A user complained that he couldn't execute a certain command. Sudo
-
> l
> > shows he should be able to. Specifically from sudo -l:
> > (root) NOPASSWD: /usr/tivoli/tsm/client/ba/*/start_dsmc,
> > /usr/tivoli/tsm/client/ba/bin/dsmc
> >
> > Unfortunately, he gets "lectured".
> >
> > Now if I delete a Host_Alias that it COMPLETELY UNRELATED, it then
> works
> > fine.
> >
> > Additionally, if I su - to the account from root, it works fine
> (whether
> > I edit Host_aliases or not.
> >
> > I'm completely baffled.
>
> I'd love to know whether sudo 1.7.0rc2 exhibits the same behavior.
> ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.7.0rc2.tar.gz
Out of curiosity, has anyone tried the -s flag for visudo on the sudoers
file?
$ visudo -cs -f /etc/sudoers
This can sometimes catch subtle problems.
--
Stephen Carville <scarville at landam.com>
Systems Engineer
Land America
1.626.667.1450 X1326
#####################################################################
That which does not kill us often hurts us a lot.
More information about the sudo-users
mailing list