[sudo-users] sudo 1.8.17 target user group membership problem
Armin Kunaschik
megabreit at googlemail.com
Wed Jun 22 06:54:31 MDT 2016
On Wed, Jun 22, 2016 at 1:54 PM, Armin Kunaschik
<megabreit at googlemail.com> wrote:
> sudo 1.8.13:
> $ id
> uid=400(sudouser) gid=400(sudouser) groups=1(staff)
> $ sudo -u oracle id
> uid=207(oracle) gid=500(oracle)
>
> sudo 1.8.17:
> $ id
> uid=400(sudouser) gid=400(sudouser) groups=1(staff)
> $ sudo -u oracle id
> uid=207(oracle) gid=400(sudouser) groups=1(staff)
>
> Was there a change in the default behavior on how to hande group memberships?
> Or is this a bug? Or something completely different?
> I'm using the AIX 5.3 rpm package from sudo.ws and run things on AIX
> 6.1 and 7.1.
Some more information on the topic:
The change probably happened between 1.8.16 and 1.8.17. Things were
working fine with 1.8.16.
sudoers contains:
sudouser ALL = (oracle) NOPASSWD: /usr/bin/id
$ sudo -ll
User sudouser may run the following commands on host123:
Sudoers entry:
RunAsUsers: oracle
Options: !authenticate
Commands:
/usr/bin/id
Armin
More information about the sudo-users
mailing list