[sudo-users] sudoHost matches regardless of netgroup membership
Todd C. Miller
Todd.Miller at courtesan.com
Mon Oct 22 15:29:41 EDT 2012
The problem is that you have your host netgroups setup incorrectly.
[swick at swtest-5864p ~]$ getent netgroup Test_hosts
Test_hosts ( , swtest-5864p, )
That should display:
Test_hosts ( swtest-5864p, , )
As you have it, swtest-5864p is interpreted as a user and the host
portion, being empty, is treated as a wildcard that matches any
host.
I had to stare at this for quite some time before I noticed that :-)
- todd
More information about the sudo-users
mailing list