[sudo-users] sudo-ldap and precedence
Mark Janssen
maniac.nl at gmail.com
Tue Apr 27 18:33:19 EDT 2010
On Tue, Apr 27, 2010 at 8:48 AM, Andreas Heinlein <aheinlein at gmx.com> wrote:
> Am 26.04.2010 17:49, schrieb Mark Janssen:
>> On Mon, Apr 26, 2010 at 4:35 PM, Andreas Heinlein <aheinlein at gmx.com> wrote:
>>
>>> We have
>>> a) the usual setup ($admin ALL=(ALL) ALL), where admins can execute any
>>> command, but have to enter their password
>>> b) some commands that everyone in the users group can execute *without*
>>> a password. At the moment, this works for "normal" users but not for
>>> users which are also in the admin group, these stille have to enter
>>> their passwordv (%users ALL NOPASSWD:/usr/bin/...).
Assuming the users in the %admin group are also included in the %users
group... you could try explicitly including %admin, or replacing
%users with ALL (if this is what you want)
--
Mark Janssen -- maniac(at)maniac.nl -- pgp: 0x357D2178 | ,''`. |
Unix / Linux Open-Source and Internet Consultant @ Snow.nl | : :' : |
Maniac.nl MarkJanssen.nl NerdNet.nl Unix.nl | `. `' |
Skype: markmjanssen ICQ: 129696007 irc: FooBar on undernet | `- |
More information about the sudo-users
mailing list