[sudo-users] documentation clarification
Terry Inzauro
terry at remote-shell.org
Tue Sep 15 08:25:51 MDT 2015
This is more along the lines on how I envisioned it working. Pesky escapes.
Thank you for the clarification.
Quoting "Todd C. Miller" <Todd.Miller at courtesan.com>:
> To be clear, you don't need to provide full access to the shell,
> just "shell -c command". You can look in the sudo logs to see
> what you need to allow. E.g. for
>
> $ sudo -i id
>
> if root's shell is /bin/ksh the sudoers rule would be:
>
> username ALL = /bin/ksh -c id
>
> Things get a bit complicated when there are command line arguments
> since you need to escape the spaces with a backslash. E.g.
>
> $ sudo -i id -u
>
> Needs:
>
> username ALL = /bin/ksh -c id\ -u
>
> - todd
More information about the sudo-users
mailing list