[sudo-users] cannot specify 2 differents sudo command on 2 machines
zorgui zorg
zorg724 at gmail.com
Thu Mar 3 10:20:15 MST 2016
Hello,
I 'am using ldap sudoers (openlap), and i try to specify the architecture:
The user "*acdc_admin*" shall:
-execute command "/usr/bin/systemctl *" on machine * i-vsrv-acd-ingdis-nom*
-execute commands : /bin/yum and /bin/yumdownloader on machine
*vsrv-bsr-serv1-nom*
(file SUDOers.ldif):
dn: cn=*acdc_admin*,ou=SUDOers,ou=services,dc=fe.net
objectClass: top
objectClass: sudoRole
cn: acdc_admin
sudoUser: acdc_admin
*sudoHost: i-vsrv-acd-ingdis-nom*
sudoRunAsUser: ALL
sudoCommand: /usr/bin/systemctl *
*sudoHost: vsrv-bsr-serv1-nom*
sudoCommand: /bin/yum *
sudoCommand: /bin/yumdownloader
sudoOption: !authenticate
sudoOrder: 5
When i test that, i see that:
acdc_admin can lauch all commands on the first machine (*
i-vsrv-acd-ingdis-nom)!* and cannot use sudo on second machine!
On machine i-vsrv-acd-ingdis-nom:
[acdc_admin at i-vsrv-acd-ingdis-nom ~]$* sudo -l*
User acdc_admin may run the following commands on this host:
(ALL) NOPASSWD: /usr/bin/systemctl *, /bin/yum *, /bin/yumdownloader *
=> the 3 commands where i have only specified /usr/bin/systemctl * for this
machine!*
Could you help me please?
* How specify for 1 ldapuser, many different sudocommand according to the
machine ?*
Best regards
Zorgui
More information about the sudo-users
mailing list