[sudo-users] Force sudo to source environment file before running a command.
Todd C. Miller
Todd.Miller at courtesan.com
Tue Oct 20 12:10:42 EDT 2009
In message <dc3ecf560910200731g698f4dcdua4ae6a954c7ede3c at mail.gmail.com>
so spake Techie (techchavez):
> Is it possible to force sudo to source a users environment file or any
> environment file with "env_file" while running a command.
> I have set a User_alias, Runas_Alias, Cmnd_Alias, and user privilege
> for a user as follows.
> User_Alias TSTU = techie
> Runas_Alias TSTA = operator
> Cmnd_Alias TSTCMD = <commands to run>
> TSTU ALL = (root) TSTCMD, (TSTA) <commands that need environment>
> So all the commands defined in the TSTCMD Cmnd_Alias will be run as
> root.. However for the commands run by the TSTA Runas_Alias AKA the
> operator user...I need to source an environment file. This file is a
> bash style environment file with statements like.
> export FAVCOLOR=red
> export DOG=boxer
> Can I use the env_file parameter to accomplish this? If so please
> provide a syntax example. From the manpage it says it is possible but
> no example.
If what you want is to have env_file apply to any command run as
TSTA, then this should do it:
TSTU ALL = (root) TSTCMD, (TSTA) <commands that need environment>
If you want to apply env_file to the commands themselves,
regardless of who they are running as:
Cmnd_Alias TSTACMD = <commands that need environment>
TSTU ALL = (root) TSTCMD, (TSTA) TSTACMD
In all cases you need to be running sudo 1.7.2 to support bash-style
More information about the sudo-users