[sudo-users] use of sudo with -g option

Michael Potter michael at potter.name
Fri May 14 21:32:24 EDT 2010

Sudo Crew,

I am trying to understand how the -g option works.  Here are some of my tests:

pottmi:~ pottmi$ id
uid=501(pottmi) gid=501(pottmi)
pottmi:~ pottmi$ sudo -u root -g everyone id
Sorry, user pottmi is not allowed to execute '/usr/bin/id' as
root:everyone on pottmi.local.

So, I add this rule:
pottmi  ALL=(root:everyone) /usr/bin/id

And try again:
pottmi:~ pottmi$ sudo -u root -g everyone id
uid=0(root) gid=0(wheel)

pottmi:~ pottmi$ sudo -V
Sudo version 1.7.0

So, here are my questions:
1) Where is it documented to specify a group in the runas user
specification?  I did not find it anywhere in doc, I just guessed.

2) Why doesn't the id command report gid=12?    [12 is everyone's group id]

Michael Potter

More information about the sudo-users mailing list