[sudo-users] Using wild cards in a command path
Carville, Stephen
scarville at LANDAM.com
Wed Jul 30 12:14:10 EDT 2008
> -----Original Message-----
> From: sudo-users-bounces at courtesan.com [mailto:sudo-users-
> bounces at courtesan.com] On Behalf Of Russell Van Tassell
> Sent: Monday, July 28, 2008 3:59 PM
> To: Eric Bradley
> Cc: Carville, Stephen; sudo-users at sudo.ws
> Subject: Re: [sudo-users] Using wild cards in a command path
>
> On Mon, Jul 28, 2008 at 03:51:10PM -0500, Eric Bradley wrote:
> > Stephen,
> > I tried what you suggested and got the same results. Any other
> > suggestions?
>
> It's often helpful to try "sudo -l" to see what commands sudo thinks
> can
> be run (ie. how the sudoers file is being parsed) to make sure you're
> getting back a reasonable list.
I experimented on my local sudo install (v 1.6.8p12) and I found that
the directory spec in the Cmnd_Alias only works if there is one
directory in the path
this works:
Cmnd_Alias PERMITTED = /bin/ /sbin/
Ttest ALL=(ALL) NOPASSWD:PERMITTED
this fails
Cmnd_Alias PERMITTED = /usr/bin/ /usr/sbin/
ttest ALL=(ALL) NOPASSWD:PERMITTED
BTW: sorry if this is a duplicate post. Earthquake + Exchange == Who
knows if anything got thru...
--
Stephen Carville <scarville at landam.com>
Systems Engineer
Land America
1.626.667.1450 X1326
#####################################################################
That which does not kill us often hurts us a lot.
More information about the sudo-users
mailing list