[sudo-users] sudo -l semantics
leamas.alec at gmail.com
Thu Jan 2 15:05:14 MST 2014
On 2014-01-02 19:57, Alec Leamas wrote:
> On 2014-01-02 19:37, Shawn McMahon wrote: However, if you're bound and
> determined to do this, you could give that
>> user a passwordless sudo rule allowing them to run "sudo -U
>> <username> -l"
>> as root, and parse that output for what you're searching for.
> Not really. This is a chicken and egg problem, to handle what happens
> when my app is started after a clean install. Of course, opening up
> for all users as part of installation is an option, but that would be
> system-wide and not really the way to go IMHO. The username is
> basically unknown at installation time.
> Perhaps if I installed a rule allowing all users to run exactly "sudo
> -l my-cmd" or so.... Dunno, that is perhaps not to bad?!
Which doesn't seem to work :(. I cannot specify a sane rule that
allows running sudo with a particular set of options, it basically
becomes something like "sudo sudo ..." which doesn't work (and shouldn't).
Seems that my usecase cannot work unless there is a simple way (option)
to ask if I can issue 'sudo -l' questions without running into a prompt.
Need to find other ways around this (polkit?).
More information about the sudo-users