[sudo-users] documentation clarification

Terry Inzauro terry at remote-shell.org
Tue Sep 15 08:25:51 MDT 2015

This is more along the lines on how I envisioned it working. Pesky escapes.

Thank you for the clarification.

Quoting "Todd C. Miller" <Todd.Miller at courtesan.com>:

> To be clear, you don't need to provide full access to the shell,
> just "shell -c command".  You can look in the sudo logs to see
> what you need to allow.  E.g.  for
>     $ sudo -i id
> if root's shell is /bin/ksh the sudoers rule would be:
>     username ALL = /bin/ksh -c id
> Things get a bit complicated when there are command line arguments
> since you need to escape the spaces with a backslash.  E.g.
>     $ sudo -i id -u
> Needs:
>     username ALL = /bin/ksh -c id\ -u
>  - todd

More information about the sudo-users mailing list