[sudo-users] SETENV
Todd C. Miller
Todd.Miller at courtesan.com
Fri Mar 27 12:01:46 EDT 2009
In message <C5F26E19.3442A%eric.freeman at tbwachiat.com>
so spake Eric Freeman (eric.freeman):
> Since upgrading to sudo-1.7.0 and turning on LDAP ( I don¹t think this point
> is relevant since it is a local user) it appears the users environment
> variables are not being honored.
>
> I was reading the man pages and using google but I need some help. I am
> running sudo-1.7.0 on HPUX 11.11
>
> I modified the /etc/sudoers to look like:
>
> ALL ALL=(ALL) SETENV: ALL
>
> However, this is not working.
>
> When I run sudo -E I receive the following error:
>
> sudo: sorry, you are not allowed to preserve the environment
>
> I believe I need to change something in the above line in /etc/sudoers.
That line looks correct, perhaps there is another sudoers line
that is overriding it. What does the output of "sudo -l" show?
Note that you can change the environment handling to be more like
versions of sudo prior to 1.6.9 with a line like:
Defaults !env_reset
in sudoers, though there are security consequences. The "SECURITY
NOTES" section of the manual talks a little bit about this.
- todd
More information about the sudo-users
mailing list