[sudo-users] Sudo Config File Error?!?

Chuck chuck.carson at gmail.com
Tue Jan 5 15:09:49 EST 2010


I am building a sudo config on a Solaris 10 (update 8) system running sudo
1.7.2p1...

Here is what I have so far:

root    ALL=(ALL) ALL

%ng ALL=(ALL) ALL

Cmnd_Alias SHELLS = /bin/sh, /bin/ksh, /bin/bash, /bin/csh, /usr/bin/sh,
/usr/bin/ksh, /usr/bin/bash, /usr/bin/csh

User_Alias CLUSTER100_USERS     = oracle
User_Alias DBA_USERS            = +dba-users

Host_Alias CLUSTER100_HOSTS     = xxxx007, xxxx008

DBA_USERS CLUSTER100_HOSTS      = (oracle) SHELLS

CLUSTER100_USERS CLUSTER100_HOSTS = (root) SETENV: \
                        /opt/csw/bin/viewcronlog, \
                        /opt/csw/bin/viewcronolog, \
                        /ora_bin/base/oraInventory/orainstRoot.sh, \
                        /ora_bin/base/dbhomes/oracle/10A/root.sh, \
                        /ora_bin/base/dbhomes/oracle/10A/bin/srvctl, \
                        /ora_bin/crs/root.sh, \
                        /ora_bin/crs/bin/crsctl, \
                        /ora_bin/crs/bin/ocrconfig, \
                        /ora_bin/crs/install/root102.sh, \
                        /ora_bin/crs/OPatch/opatch, \
                        /bin/chown root:oinstall /ora_admin/rac/ocr, \
                        /bin/chown root:oinstall /ora_redoa/rac/ocr, \
                        /bin/chown oracle:oinstall /ora_admin/rac/votedisk,
\
                        /bin/chown oracle:oinstall /ora_redoa/rac/votedisk,
\
                        /bin/chown oracle:oinstall /ora_temp/rac/votedisk, \
                        /bin/chmod 640 /ora_redoa/rac/ocr, \
                        /bin/chmod 640 /ora_admin/rac/ocr, \
                        /usr/bin/sh /home/orabackup/orasoftware/Oracle10gR2/
10.2.0.4/patch_bundles/Oct2009/8833280/psu_root.sh, \
                        /usr/bin/cp /home/oracle/scripts/crs/crs_stat.ksh
/ora_bin/crs/bin/, \
                        /usr/bin/cp /home/oracle/scripts/crs/crs_stat.ksh
/ora_bin/base/dbhomes/oracle/10A/bin/, \
                        /usr/bin/mv  /ora_bin/crs/OPatch
/ora_bin/crs/OPatch_102043, \
                        /usr/bin/cp -p
/home/orabackup/orasoftware/OPatch_10.2.0.4.8/p6880880_102000_SOLARIS64.zip
/ora_bin/crs/, \
                        /usr/bin/unzip
/ora_bin/crs/p6880880_102000_SOLARIS64.zip, \
                        /ora_bin/crs/OPatch/ocm/bin/emocmrsp

When I edit the file using visudo and then exit, I complains:
visudo: /usr/local/etc/sudoers.tmp unchanged
>>> /usr/local/etc/sudoers: syntax error near line 55 <<<
visudo: Warning: unused User_Alias CLUSTER100_USERS
What now?

Here are lines 54-56
                        /ora_bin/crs/install/root102.sh, \
                        /ora_bin/crs/OPatch/opatch, \
                        /bin/chown root:oinstall /ora_admin/rac/ocr, \

Using "cat -vet" I look for non-printing characters in sudoers and I see
everything as it should be.. (tabs, whitespace, and eol)

This same stanza works on a Solaris 9 system running sudo 1.6.9p15

I then thought maybe there is a character limit on each definition but there
are 578 bytes in the entry up to line 55 which seems to be an odd number to
limit a line length at. (the entire entry has 1863 bytes)

I'm sure this is something stupid staring me right in the face but I give
up.

Anyone have any ideas?

Thanks,
CC



More information about the sudo-users mailing list