[sudo-users] escaping in sudoers

Jiri B jirib at devio.us
Sun Sep 30 17:13:25 EDT 2012


I would like to run an X11 app under different user, so
here is my line in sudoers.

$ sudo grep xclock /etc/sudoers
me ALL=(root) NOPASSWD: /usr/bin/su -s /bin/sh -l toruser -c 'env DISPLAY\=\:0 xclock'

If I am reading man page right, '=' and ':', should be escaped.

I found via google a related discussion to escaping in sudoers, and they
used double escaping. This doesn't seem even correct, and `visudo' won't
let me to even save the modification.[1]

So, here's the test. Invalidating timestamp and running the command.

$ sudo -k ;sudo -n /usr/bin/su -s /bin/sh -l toruser -c 'env DISPLAY=:0 xclock' 
sudo: sorry, a password is required to run sudo

Could any help me how to do it syntactically correctly? I don't want to write
a wrapper ;)

Thank you!


[1] http://www.mail-archive.com/augeas-devel@redhat.com/msg03043.html

More information about the sudo-users mailing list