[sudo-users] executing with different user environment

Matt Williams matt at williams-tech.net
Fri Mar 15 10:42:13 MDT 2013

I would like to allow all members in the %devops group to execute certain
knife commands as the chef user. I've dropped a sudo file in the
/etc/sudoers.d/chef that contains the following:

Defaults:%devops env_reset

%devops ALL=(chef) NOPASSWD:/usr/bin/knife

Then, as a user that is a member of the devops group, I get this:

$ sudo -H -u chef knife node list
WARNING: No knife configuration file found

Note that knife will look in $HOME/.chef/knife.rb before looking in
/etc/chef so it needs to be hitting /home/chef/.chef/knife.rb. I then
execute this as a sanity check:

$ sudo -H -u chef echo $HOME  #my user is also a member of %sysadmin group,
which has ALL=(ALL)

If I just su - into the chef account, I can execute these commands without
err. What do I need to do to have my environment be set to that of the chef

My version of sudo is 1.7.2p1-1ubuntu5.6

Thanks in advance!

More information about the sudo-users mailing list