[sudo-users] using localhost in sudoers

Petr Uzel petr.uzel at suse.cz
Thu Jul 22 05:24:51 EDT 2010

On Wed, Jul 21, 2010 at 09:58:50AM -0400, Todd C. Miller wrote:
> In message <20100721133934.GA23899 at foxbat.suse.cz>
> 	so spake Petr Uzel (petr.uzel):
> > I'm curious: is it somehow possible to restrict some of the rules only
> > to users logged locally?
> What would you consider a local user? 

The same as who/lastlog commands.

> If the user is logged in on
> /dev/console or a virtual console tty this is easy to determine but
> that's not the case for users logged in via a graphical login.

I see. Only wtmp/utmp database comes to my mind. However, I don't
know if this might work and I doubt it is worth it. As I said - I was
just curious.

> > Next, I think that the above is a common misunderstanding - maybe
> > it should be mentioned in sudoers(5) and/or sudo FAQ ?
> I'm not sure where this misconception comes from but I can add
> something to the documentation to try and clear it up.


>  - todd


Petr Uzel
IRC: ptr_uzl @ freenode
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: </pipermail/sudo-users/attachments/20100722/e071e051/attachment.bin>

More information about the sudo-users mailing list