[sudo-users] sudo -l semantics

Alec Leamas leamas.alec at gmail.com
Thu Jan 2 15:05:14 MST 2014

On 2014-01-02 19:57, Alec Leamas wrote:
> On 2014-01-02 19:37, Shawn McMahon wrote: However, if you're bound and 
> determined to do this, you could give that
>> user a passwordless sudo rule allowing them to run "sudo -U 
>> <username> -l"
>> as root, and parse that output for what you're searching for.
> Not really. This is a chicken and egg problem, to handle what happens 
> when my app is started  after a clean install.  Of course, opening up 
> for all users as part of installation is an option, but that would be 
> system-wide and not really the way to go IMHO. The username is 
> basically unknown at installation time.
> Perhaps if I installed a rule allowing all users to run exactly "sudo 
> -l my-cmd" or so.... Dunno, that is perhaps not to bad?!
> --alec
Which doesn't seem to work :(.   I cannot specify a sane rule that 
allows running sudo with a particular set of options, it basically 
becomes something like "sudo sudo ..." which doesn't work (and shouldn't).

Seems that my usecase cannot work unless there is a simple way (option) 
to ask if I can issue 'sudo -l' questions without running into a prompt. 
Need to find other ways around this (polkit?).


More information about the sudo-users mailing list