[sudo-users] Cmd_Alias conflict in include file

Bram Mertens mertensb.mazda at gmail.com
Tue Sep 11 07:37:25 EDT 2012 

They're not, note the hash marks, I've simply commented out on set or the other.

On Tue, Sep 11, 2012 at 12:51 PM, Stier, Matthew
<Matthew.Stier at us.fujitsu.com> wrote:
> Strange, but the output of the grep for "works" and "fails" appears to be identical.
>
>
> -----Original Message-----
> From: sudo-users-bounces at courtesan.com [mailto:sudo-users-bounces at courtesan.com] On Behalf Of Bram Mertens
> Sent: Tuesday, September 11, 2012 5:16 AM
> To: sudo-users at sudo.ws
> Subject: [sudo-users] Cmd_Alias conflict in include file
>
> Hi,
>
> I'm trying to set up something similar to the following from the
> manual at http://www.gratisoft.us/sudo/sudoers.man.html.
>
>  Cmnd_Alias     SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \
>                          /usr/local/bin/tcsh, /usr/bin/rsh, \
>                          /usr/local/bin/zsh
>  Cmnd_Alias     SU = /usr/bin/su
>
>  jill           SERVERS = /usr/bin/, !SU, !SHELLS
>
> For any machine in the SERVERS Host_Alias, jill may run any commands
> in the directory /usr/bin except for those commands belonging to the
> SU and SHELLS Cmnd_Aliases.
>
> This works fine when I define this in /etc/sudoers but it fails when I
> enter this in our /etc/sudoers.d/mazda file
>
> [mertensb at localhost ~]$ sudo -l
>>>> /etc/sudoers.d/mazda: Alias `SUCMD' already defined near line 5 <<<
> sudo: parse error in /etc/sudoers.d/mazda near line 5
> sudo: no valid sudoers sources found, quitting
>
> I started with an alias SU but renamed it to SUCMD even though I
> cannot find any conflict.
>
> This works:
> [root at localhost ~]# grep SUCMD /etc/sudoers* /etc/sudoers*/*
> /etc/sudoers:Cmnd_Alias     SUCMD = /usr/bin/su
> /etc/sudoers:%isop   ALL=(ALL) /usr/bin/, !SUCMD
> /etc/sudoers.d/mazda:#Cmnd_Alias     SUCMD = /usr/bin/su
> /etc/sudoers.d/mazda:#%isop   ALL=(ALL) /usr/bin/, !SUCMD
>
> This fails:
> [root at localhost ~]# grep SUCMD /etc/sudoers* /etc/sudoers*/*
> /etc/sudoers:#Cmnd_Alias     SUCMD = /usr/bin/su
> /etc/sudoers:#%isop   ALL=(ALL) /usr/bin/, !SUCMD
> /etc/sudoers.d/mazda:Cmnd_Alias     SUCMD = /usr/bin/su
> /etc/sudoers.d/mazda:%isop   ALL=(ALL) /usr/bin/, !SUCMD
>
> [mertensb at localhost ~]$ sudo -l
>>>> /etc/sudoers.d/mazda: Alias `SUCMD' already defined near line 5 <<<
> sudo: parse error in /etc/sudoers.d/mazda near line 5
> sudo: no valid sudoers sources found, quitting
>
> Why can I not configure this in an include file?
>
> [mertensb at localhost ~]$ sudo -V
> Sudo version 1.7.4p5
>
> This is on RHEL6.2
>
> Regards
>
> Bram Mertens
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users

More information about the sudo-users mailing list