[sudo-users] LDAP Sudoers sudo -l without password

Jason Hamilton jhamilton at simulexinc.com
Fri Feb 19 16:51:06 EST 2010

I'm not sure if this is possible, but is there a way to allow a group of 
users to run "sudo -l" without authenticating, but also not permitting 
them to run all commands without authenticating? I tried something like 

dn: cn=viewmyinfo,ou=SUDOers,dc=sample,dc=com
objectClass: sudoRole
objectClass: top
cn: viewmyinfo
sudoCommand: sudo -l
sudoHost: ALL
sudoOption: !authenticate
sudoRunAs: ALL
sudoUser: %users

Maybe it's a Friday thing, and I just can't think.


Jason Hamilton
IT Manager
* jhamilton at simulexinc.com
( OFFICE: 765.463.2690 x7015
( CELL: 765.237.9515

Simulex, Inc. | Synthetic Environments for Analysis and Simulation
3842 McClure Ave, Ste. 120
West Lafayette, IN 47906

More information about the sudo-users mailing list