[sudo-users] sudoers file - Limiting command line argument
b. nyec
bnyec at yahoo.com
Mon Feb 27 14:32:12 EST 2012
Hi,
I know this has been asked many times, but i am unable to find a solid answer/solution.
I just need to exclude or restrict one or two command line arguments from an allowed command.
Logic:
Allow the command /path/to/command to be run with ALL arguments except for "-a" and "--argument"
So for example,
/path/to/command -myarg bla -secdarg bla2 - would be allowed
/path/to/command -myarg bla -a -secdarg bla2 - would NOT be allowed
/path/to/command -myarg bla -secdarg bla2 -a - would NOT be allowed
/path/to/command --argument -myarg bla -secdarg bla2 - would NOT be allowed
etc....
What would be the regex for something like this? trial and error, i'm not able to get it to work properly.
I have seen suggestions a little less elegant of creating a "wrapper script", would this the only real alternative/correct way ?
Thanks for you time.
- B
More information about the sudo-users
mailing list