[sudo-users] sudo -i doesn't respect NOPASSWD?
Todd C. Miller
Todd.Miller at courtesan.com
Mon Sep 9 13:36:45 MDT 2013
On Mon, 09 Sep 2013 20:04:17 +0200, =?UTF-8?Q?S=C3=A9bastien_Luttringer?= wrote
:
> # cat /etc/sudoers.d/81-seblu-id
> seblu ALL=(root) NOPASSWD: /usr/bin/id
>
> Is there any special option to have NOPASSWD working with -i? Or is it a bug?
When you use the -i flag you are wrapping the command inside a
shell. The actual command that gets run is probably something like:
/bin/sh -c id
or:
/bin/bash -c id
depending on what root's shell is. Check your logs to see what is
actuallyl being denied.
- todd
More information about the sudo-users
mailing list