[sudo-users] using localhost in sudoers
Petr Uzel
petr.uzel at suse.cz
Thu Jul 22 05:24:51 EDT 2010
On Wed, Jul 21, 2010 at 09:58:50AM -0400, Todd C. Miller wrote:
> In message <20100721133934.GA23899 at foxbat.suse.cz>
> so spake Petr Uzel (petr.uzel):
>
> > I'm curious: is it somehow possible to restrict some of the rules only
> > to users logged locally?
>
> What would you consider a local user?
The same as who/lastlog commands.
> If the user is logged in on
> /dev/console or a virtual console tty this is easy to determine but
> that's not the case for users logged in via a graphical login.
I see. Only wtmp/utmp database comes to my mind. However, I don't
know if this might work and I doubt it is worth it. As I said - I was
just curious.
> > Next, I think that the above is a common misunderstanding - maybe
> > it should be mentioned in sudoers(5) and/or sudo FAQ ?
>
> I'm not sure where this misconception comes from but I can add
> something to the documentation to try and clear it up.
Thanks.
>
> - todd
Petr
--
Petr Uzel
IRC: ptr_uzl @ freenode
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: </pipermail/sudo-users/attachments/20100722/e071e051/attachment.bin>
More information about the sudo-users
mailing list