[sudo-users] Conflict while a user is in two groups?
Paul Cantle
paul at cantle.me
Tue Oct 4 11:25:25 MDT 2016
Hi,
Are you sure you have the rules in that order that you display below? i.e. %users first and then %wheel after it?
The man page suggests that the last rule will apply when multiple entries match:
When multiple entries match for a user, they are applied in order.
Where there are multiple matches, the last match is used (which is not necessarily the most specific match).
Rgds
Paul
On 04/10/2016, 18:14, "sudo-users on behalf of Bernard Fay" <sudo-users-bounces at sudo.ws on behalf of bernard.fay at gmail.com> wrote:
Hi,
Is it possible a conflict may happen if a user is in two groups:
[root at FILESRV01 ~]# groups bern
bern : Administrators users wheel
In /etc/sudoers, I defined the following entries:
%users FILESRV01=(ALL) NOPASSWD:/bin/smbpasswd, /bin/ldappasswd
%wheel ALL=(ALL) ALL
There is a script that call /bin/smbpasswd and /bin/ldappasswd and I expect
users will not have to enter their passwords to run those two commands.
For users only in the group users it works fine but not for the users being
in group users and wheel such a the shown user bern, it does not work.
Does something can be done or I have to remove the users from group wheel?
Thanks,
Bernard
____________________________________________________________
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
https://www.sudo.ws/mailman/listinfo/sudo-users
More information about the sudo-users
mailing list